admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:47:38 +00:00
parent 44eb89a6e2
commit ac02b73f7b
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
61 changed files with 3555 additions and 3555 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

170
2007/0xxx/CVE-2007-0059.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0059", "ID": "CVE-2007-0059",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 allows remote user-assisted attackers to execute arbitrary code and list filesystem contents via a QuickTime movie (.MOV) with an HREF Track (HREFTrack) that contains an automatic action tag with a local URI, which is executed in a local zone during preview, as exploited by a MySpace worm."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://projects.info-pull.com/moab/MOAB-03-01-2007.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://projects.info-pull.com/moab/MOAB-03-01-2007.html" "lang": "eng",
}, "value": "Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 allows remote user-assisted attackers to execute arbitrary code and list filesystem contents via a QuickTime movie (.MOV) with an HREF Track (HREFTrack) that contains an automatic action tag with a local URI, which is executed in a local zone during preview, as exploited by a MySpace worm."
{ }
"name" : "http://www.gnucitizen.org/blog/backdooring-quicktime-movies/", ]
"refsource" : "MISC", },
"url" : "http://www.gnucitizen.org/blog/backdooring-quicktime-movies/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2007-03-05", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://docs.info.apple.com/article.html?artnum=305149", ]
"refsource" : "CONFIRM", }
"url" : "http://docs.info.apple.com/article.html?artnum=305149" ]
}, },
{ "references": {
"name" : "VU#304064", "reference_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/304064" "name": "VU#304064",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/304064"
"name" : "31164", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/31164" "name": "31164",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/31164"
} },
} {
"name": "http://www.gnucitizen.org/blog/backdooring-quicktime-movies/",
"refsource": "MISC",
"url": "http://www.gnucitizen.org/blog/backdooring-quicktime-movies/"
},
{
"name": "APPLE-SA-2007-03-05",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html"
},
{
"name": "http://projects.info-pull.com/moab/MOAB-03-01-2007.html",
"refsource": "MISC",
"url": "http://projects.info-pull.com/moab/MOAB-03-01-2007.html"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305149",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305149"
}
]
}
}

180
2007/0xxx/CVE-2007-0287.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0287", "ID": "CVE-2007-0287",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to Containers for J2EE, aka OC4J08."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to Containers for J2EE, aka OC4J08."
{ }
"name" : "TA07-017A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-017A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "22083", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22083" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "32902", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/32902" ]
}, },
{ "references": {
"name" : "1017522", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017522" "name": "32902",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/32902"
"name" : "23794", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23794" "name": "23794",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23794"
"name" : "oracle-cpu-jan2007(31541)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541" "name": "22083",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/22083"
} },
} {
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"name": "TA07-017A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-017A.html"
},
{
"name": "oracle-cpu-jan2007(31541)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541"
},
{
"name": "1017522",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017522"
}
]
}
}

140
2007/0xxx/CVE-2007-0541.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0541", "ID": "CVE-2007-0541",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WordPress allows remote attackers to determine the existence of arbitrary files, and possibly read portions of certain files, via pingback service calls with a source URI that corresponds to a local pathname, which triggers different fault codes for existing and non-existing files, and in certain configurations causes a brief file excerpt to be published as a blog comment."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070124 Multiple Remote Vulnerabilities in Wordpress", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/458003/100/0/threaded" "lang": "eng",
}, "value": "WordPress allows remote attackers to determine the existence of arbitrary files, and possibly read portions of certain files, via pingback service calls with a source URI that corresponds to a local pathname, which triggers different fault codes for existing and non-existing files, and in certain configurations causes a brief file excerpt to be published as a blog comment."
{ }
"name" : "20070124 Weaknesses in Pingback Design", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/457996/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "2191", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2191" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20070124 Multiple Remote Vulnerabilities in Wordpress",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458003/100/0/threaded"
},
{
"name": "20070124 Weaknesses in Pingback Design",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/457996/100/0/threaded"
},
{
"name": "2191",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2191"
}
]
}
}

150
2007/0xxx/CVE-2007-0567.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0567", "ID": "CVE-2007-0567",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in admin.php in Interactive-Scripts.Com PHP Membership Manager 1.5 allows remote attackers to inject arbitrary web script or HTML via the _p parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070126 PHP Membership Manager Cross-Site Scripting Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/458226/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in admin.php in Interactive-Scripts.Com PHP Membership Manager 1.5 allows remote attackers to inject arbitrary web script or HTML via the _p parameter."
{ }
"name" : "22263", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22263" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "33601", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33601" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "phpmembership-admin-xss(31916)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31916" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20070126 PHP Membership Manager Cross-Site Scripting Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458226/100/0/threaded"
},
{
"name": "33601",
"refsource": "OSVDB",
"url": "http://osvdb.org/33601"
},
{
"name": "phpmembership-admin-xss(31916)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31916"
},
{
"name": "22263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22263"
}
]
}
}

200
2007/0xxx/CVE-2007-0722.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0722", "ID": "CVE-2007-0722",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted AppleSingleEncoding disk image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.info.apple.com/article.html?artnum=305214", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=305214" "lang": "eng",
}, "value": "Integer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted AppleSingleEncoding disk image."
{ }
"name" : "APPLE-SA-2007-03-13", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "TA07-072A", "description": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "VU#124280", ]
"refsource" : "CERT-VN", }
"url" : "http://www.kb.cert.org/vuls/id/124280" ]
}, },
{ "references": {
"name" : "22948", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22948" "name": "TA07-072A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
"name" : "ADV-2007-0930", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0930" "name": "APPLE-SA-2007-03-13",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
"name" : "34847", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/34847" "name": "22948",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/22948"
"name" : "1017751", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017751" "name": "http://docs.info.apple.com/article.html?artnum=305214",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=305214"
"name" : "24479", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24479" "name": "1017751",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1017751"
} },
} {
"name": "VU#124280",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/124280"
},
{
"name": "34847",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34847"
},
{
"name": "ADV-2007-0930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
}
]
}
}

180
2007/3xxx/CVE-2007-3017.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3017", "ID": "CVE-2007-3017",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The WYSIWYG editor applet in activeWeb contentserver CMS before 5.6.2964 only filters malicious tags from articles sent to admin/applets/wysiwyg/rendereditor.asp, which allows remote authenticated users to inject arbitrary JavaScript via a request to admin/worklist/worklist_edit.asp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070713 ActiveWeb Contentserver CMS Clientside Filtering of Page Editor Content", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/473627/100/0/threaded" "lang": "eng",
}, "value": "The WYSIWYG editor applet in activeWeb contentserver CMS before 5.6.2964 only filters malicious tags from articles sent to admin/applets/wysiwyg/rendereditor.asp, which allows remote authenticated users to inject arbitrary JavaScript via a request to admin/worklist/worklist_edit.asp."
{ }
"name" : "http://www.redteam-pentesting.de/advisories/rt-sa-2007-006.php", ]
"refsource" : "MISC", },
"url" : "http://www.redteam-pentesting.de/advisories/rt-sa-2007-006.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "24898", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24898" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "39745", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/39745" ]
}, },
{ "references": {
"name" : "26063", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26063" "name": "activeweb-worklistedit-xss(35399)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35399"
"name" : "2900", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2900" "name": "20070713 ActiveWeb Contentserver CMS Clientside Filtering of Page Editor Content",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/473627/100/0/threaded"
"name" : "activeweb-worklistedit-xss(35399)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35399" "name": "2900",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/2900"
} },
} {
"name": "http://www.redteam-pentesting.de/advisories/rt-sa-2007-006.php",
"refsource": "MISC",
"url": "http://www.redteam-pentesting.de/advisories/rt-sa-2007-006.php"
},
{
"name": "26063",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26063"
},
{
"name": "24898",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24898"
},
{
"name": "39745",
"refsource": "OSVDB",
"url": "http://osvdb.org/39745"
}
]
}
}

160
2007/3xxx/CVE-2007-3061.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3061", "ID": "CVE-2007-3061",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cactushop 6 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) cactushop6.mdb or (2) cactushop5.mdb."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070604 CACTUSHOP 6 Default Installation Allows Remote Database Disclosure", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/470439/100/0/threaded" "lang": "eng",
}, "value": "Cactushop 6 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) cactushop6.mdb or (2) cactushop5.mdb."
{ }
"name" : "42052", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/42052" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "42053", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/42053" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2780", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/2780" ]
}, },
{ "references": {
"name" : "cactushop-cactushop-information-disclosure(34706)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34706" "name": "2780",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/2780"
} },
} {
"name": "cactushop-cactushop-information-disclosure(34706)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34706"
},
{
"name": "42052",
"refsource": "OSVDB",
"url": "http://osvdb.org/42052"
},
{
"name": "42053",
"refsource": "OSVDB",
"url": "http://osvdb.org/42053"
},
{
"name": "20070604 CACTUSHOP 6 Default Installation Allows Remote Database Disclosure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470439/100/0/threaded"
}
]
}
}

160
2007/3xxx/CVE-2007-3158.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3158", "ID": "CVE-2007-3158",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "download_script.asp in ASP Folder Gallery allows remote attackers to read arbitrary files via a filename in the file parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070606 ASP Folder Gallery Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/470667/100/0/threaded" "lang": "eng",
}, "value": "download_script.asp in ASP Folder Gallery allows remote attackers to read arbitrary files via a filename in the file parameter."
{ }
"name" : "24345", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24345" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "38372", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38372" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2793", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/2793" ]
}, },
{ "references": {
"name" : "aspfolder-download-information-disclosure(34906)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34906" "name": "24345",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/24345"
} },
} {
"name": "20070606 ASP Folder Gallery Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470667/100/0/threaded"
},
{
"name": "aspfolder-download-information-disclosure(34906)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34906"
},
{
"name": "2793",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2793"
},
{
"name": "38372",
"refsource": "OSVDB",
"url": "http://osvdb.org/38372"
}
]
}
}

170
2007/3xxx/CVE-2007-3587.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3587", "ID": "CVE-2007-3587",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MyCMS 0.9.8 and earlier allows remote attackers to gain privileges via the admin cookie parameter, as demonstrated by a post to admin/settings.php that injects PHP code into settings.inc, which can then be executed via a direct request to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071122 MyBlog (MyCMS) Remote PHP Code execution / PHP Code injection ..", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/484064/100/100/threaded" "lang": "eng",
}, "value": "MyCMS 0.9.8 and earlier allows remote attackers to gain privileges via the admin cookie parameter, as demonstrated by a post to admin/settings.php that injects PHP code into settings.inc, which can then be executed via a direct request to index.php."
{ }
"name" : "20071123 Re: MyBlog (MyCMS) Remote PHP Code execution / PHP Code injection ..", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/484111/100/100/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "4145", "description": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4145" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24757", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/24757" ]
}, },
{ "references": {
"name" : "45779", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/45779" "name": "45779",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/45779"
"name" : "mycms-settings-games-command-execution(35254)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35254" "name": "mycms-settings-games-command-execution(35254)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35254"
} },
} {
"name": "4145",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4145"
},
{
"name": "20071122 MyBlog (MyCMS) Remote PHP Code execution / PHP Code injection ..",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484064/100/100/threaded"
},
{
"name": "20071123 Re: MyBlog (MyCMS) Remote PHP Code execution / PHP Code injection ..",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484111/100/100/threaded"
},
{
"name": "24757",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24757"
}
]
}
}

170
2007/4xxx/CVE-2007-4110.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4110", "ID": "CVE-2007-4110",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in sign_in.aspx in Message Board / Threaded Discussion Forum Application Template allows remote attackers to execute arbitrary SQL commands via the Password parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070728 Message Board / Threaded Discussion Forum SQL INJECTION", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/474937/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in sign_in.aspx in Message Board / Threaded Discussion Forum Application Template allows remote attackers to execute arbitrary SQL commands via the Password parameter."
{ }
"name" : "http://outlaw.aria-security.info/?p=10", ]
"refsource" : "MISC", },
"url" : "http://outlaw.aria-security.info/?p=10" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25113", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25113" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26245", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/26245" ]
}, },
{ "references": {
"name" : "2936", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2936" "name": "messageboardthreaded-signin-sql-injection(35661)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35661"
"name" : "messageboardthreaded-signin-sql-injection(35661)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35661" "name": "2936",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/2936"
} },
} {
"name": "26245",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26245"
},
{
"name": "25113",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25113"
},
{
"name": "http://outlaw.aria-security.info/?p=10",
"refsource": "MISC",
"url": "http://outlaw.aria-security.info/?p=10"
},
{
"name": "20070728 Message Board / Threaded Discussion Forum SQL INJECTION",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474937/100/0/threaded"
}
]
}
}

170
2007/4xxx/CVE-2007-4111.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4111", "ID": "CVE-2007-4111",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the login script in Real Estate listing website application template, when logging in as user or manager, allows remote attackers to execute arbitrary SQL commands via the Password parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070728 Real Estate listing website application template SQL Injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/474934/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in the login script in Real Estate listing website application template, when logging in as user or manager, allows remote attackers to execute arbitrary SQL commands via the Password parameter."
{ }
"name" : "http://outlaw.aria-security.info/?p=10", ]
"refsource" : "MISC", },
"url" : "http://outlaw.aria-security.info/?p=10" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25115", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25115" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26268", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/26268" ]
}, },
{ "references": {
"name" : "2949", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2949" "name": "realestate-logging-sql-injection(35667)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35667"
"name" : "realestate-logging-sql-injection(35667)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35667" "name": "20070728 Real Estate listing website application template SQL Injection",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/474934/100/0/threaded"
} },
} {
"name": "2949",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2949"
},
{
"name": "http://outlaw.aria-security.info/?p=10",
"refsource": "MISC",
"url": "http://outlaw.aria-security.info/?p=10"
},
{
"name": "26268",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26268"
},
{
"name": "25115",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25115"
}
]
}
}

250
2007/4xxx/CVE-2007-4292.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4292", "ID": "CVE-2007-4292",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007, and (7) CSCsc60249."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070808 Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager", "description_data": [
"refsource" : "CISCO", {
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml" "lang": "eng",
}, "value": "Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007, and (7) CSCsc60249."
{ }
"name" : "25239", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25239" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:5781", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5781" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-2816", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/2816" ]
}, },
{ "references": {
"name" : "36670", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36670" "name": "36675",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/36675"
"name" : "36671", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36671" "name": "ADV-2007-2816",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2816"
"name" : "36672", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36672" "name": "36674",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/36674"
"name" : "36673", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36673" "name": "36671",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/36671"
"name" : "36674", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36674" "name": "36670",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/36670"
"name" : "36675", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36675" "name": "1018533",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1018533"
"name" : "36676", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36676" "name": "36676",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/36676"
"name" : "1018533", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018533" "name": "25239",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25239"
"name" : "26363", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26363" "name": "26363",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26363"
"name" : "cisco-ios-sip-dos(35890)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35890" "name": "cisco-ios-sip-dos(35890)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35890"
} },
} {
"name": "oval:org.mitre.oval:def:5781",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5781"
},
{
"name": "20070808 Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml"
},
{
"name": "36672",
"refsource": "OSVDB",
"url": "http://osvdb.org/36672"
},
{
"name": "36673",
"refsource": "OSVDB",
"url": "http://osvdb.org/36673"
}
]
}
}

270
2007/4xxx/CVE-2007-4497.json
View File

@ -1,137 +1,137 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4497", "ID": "CVE-2007-4497",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users with login access to a guest operating system to cause a denial of service (guest outage and host process crash or hang) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html" "lang": "eng",
}, "value": "Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users with login access to a guest operating system to cause a denial of service (guest outage and host process crash or hang) via unspecified vectors."
{ }
"name" : "http://www.vmware.com/support/ace/doc/releasenotes_ace.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.vmware.com/support/ace/doc/releasenotes_ace.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.vmware.com/support/player/doc/releasenotes_player.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.vmware.com/support/player/doc/releasenotes_player.html" ]
}, },
{ "references": {
"name" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
}, "refsource": "FULLDISC",
{ "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
"name" : "http://www.vmware.com/support/server/doc/releasenotes_server.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/server/doc/releasenotes_server.html" "name": "GLSA-200711-23",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
"name" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" "name": "USN-543-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-543-1"
"name" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" "name": "ADV-2007-3229",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3229"
"name" : "GLSA-200711-23", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200711-23.xml" "name": "27694",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27694"
"name" : "USN-543-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-543-1" "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
"name" : "25731", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25731" "name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
"name" : "ADV-2007-3229", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3229" "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
"name" : "1018718", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018718" "name": "25731",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25731"
"name" : "26890", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26890" "name": "26890",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26890"
"name" : "27694", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27694" "name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
"name" : "27706", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27706" "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
} "refsource": "CONFIRM",
] "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
} },
} {
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "27706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27706"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "1018718",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018718"
}
]
}
}

34
2007/4xxx/CVE-2007-4518.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4518", "ID": "CVE-2007-4518",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2007/6xxx/CVE-2007-6632.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6632", "ID": "CVE-2007-6632",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "showCode.php in xml2owl 0.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4800", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4800" "lang": "eng",
}, "value": "showCode.php in xml2owl 0.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter."
{ }
"name" : "http://www.inj3ct-it.org/exploit/xml2owl-0.1.1.rce.txt", ]
"refsource" : "MISC", },
"url" : "http://www.inj3ct-it.org/exploit/xml2owl-0.1.1.rce.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "27050", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/27050" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "39880", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/39880" ]
}, },
{ "references": {
"name" : "xml2owl-showcode-command-execution(39327)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39327" "name": "http://www.inj3ct-it.org/exploit/xml2owl-0.1.1.rce.txt",
} "refsource": "MISC",
] "url": "http://www.inj3ct-it.org/exploit/xml2owl-0.1.1.rce.txt"
} },
} {
"name": "4800",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4800"
},
{
"name": "27050",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27050"
},
{
"name": "39880",
"refsource": "OSVDB",
"url": "http://osvdb.org/39880"
},
{
"name": "xml2owl-showcode-command-execution(39327)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39327"
}
]
}
}

140
2014/100xxx/CVE-2014-100031.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-100031", "ID": "CVE-2014-100031",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL) 4.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) download.php or (2) main.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/125464", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/125464" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in Ganesha Digital Library (GDL) 4.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) download.php or (2) main.php."
{ }
"name" : "57171", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/57171" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ganesha-gdl-sql-injection(91554)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91554" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "ganesha-gdl-sql-injection(91554)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91554"
},
{
"name": "57171",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57171"
},
{
"name": "http://packetstormsecurity.com/files/125464",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/125464"
}
]
}
}

140
2015/2xxx/CVE-2015-2050.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2050", "ID": "CVE-2015-2050",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers to execute arbitrary commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050" "lang": "eng",
}, "value": "D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers to execute arbitrary commands via unspecified vectors."
{ }
"name" : "VU#184100", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/184100" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "73143", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73143" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050",
"refsource": "CONFIRM",
"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10050"
},
{
"name": "73143",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73143"
},
{
"name": "VU#184100",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/184100"
}
]
}
}

150
2015/2xxx/CVE-2015-2101.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2101", "ID": "CVE-2015-2101",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Navigate bar in the Navigate module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.drupal.org/node/2428815", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.drupal.org/node/2428815" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Navigate bar in the Navigate module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "https://www.drupal.org/node/2428503", ]
"refsource" : "CONFIRM", },
"url" : "https://www.drupal.org/node/2428503" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.drupal.org/node/2428505", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/node/2428505" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "72670", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/72670" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://www.drupal.org/node/2428503",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2428503"
},
{
"name": "https://www.drupal.org/node/2428505",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2428505"
},
{
"name": "72670",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72670"
},
{
"name": "https://www.drupal.org/node/2428815",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2428815"
}
]
}
}

150
2015/2xxx/CVE-2015-2234.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2234", "ID": "CVE-2015-2234",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 uses world-writable permissions for the update files directory, which allows local users to gain privileges by writing to an update file after the signature is validated."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ioactive.com/pdfs/Lenovo_System_Update_Multiple_Privilege_Escalations.pdf", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.ioactive.com/pdfs/Lenovo_System_Update_Multiple_Privilege_Escalations.pdf" "lang": "eng",
}, "value": "Race condition in Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 uses world-writable permissions for the update files directory, which allows local users to gain privileges by writing to an update file after the signature is validated."
{ }
"name" : "http://support.lenovo.com/us/en/product_security/lsu_privilege", ]
"refsource" : "CONFIRM", },
"url" : "http://support.lenovo.com/us/en/product_security/lsu_privilege" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "74634", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74634" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1032268", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id/1032268" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.ioactive.com/pdfs/Lenovo_System_Update_Multiple_Privilege_Escalations.pdf",
"refsource": "MISC",
"url": "http://www.ioactive.com/pdfs/Lenovo_System_Update_Multiple_Privilege_Escalations.pdf"
},
{
"name": "http://support.lenovo.com/us/en/product_security/lsu_privilege",
"refsource": "CONFIRM",
"url": "http://support.lenovo.com/us/en/product_security/lsu_privilege"
},
{
"name": "74634",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74634"
},
{
"name": "1032268",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id/1032268"
}
]
}
}

130
2015/2xxx/CVE-2015-2369.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2369", "ID": "CVE-2015-2369",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Windows Media Device Manager in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rtf file, aka \"DLL Planting Remote Code Execution Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-069", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-069" "lang": "eng",
}, "value": "Untrusted search path vulnerability in Windows Media Device Manager in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rtf file, aka \"DLL Planting Remote Code Execution Vulnerability.\""
{ }
"name" : "1032898", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1032898" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032898",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032898"
},
{
"name": "MS15-069",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-069"
}
]
}
}

150
2015/2xxx/CVE-2015-2435.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2435", "ID": "CVE-2015-2435",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Silverlight before 5.1.40728 allow remote attackers to execute arbitrary code via a crafted TrueType font, aka \"TrueType Font Parsing Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-387", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-387" "lang": "eng",
}, "value": "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Silverlight before 5.1.40728 allow remote attackers to execute arbitrary code via a crafted TrueType font, aka \"TrueType Font Parsing Vulnerability.\""
{ }
"name" : "MS15-080", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "76238", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76238" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033238", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033238" ]
} },
] "references": {
} "reference_data": [
} {
"name": "MS15-080",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080"
},
{
"name": "1033238",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033238"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-387",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-387"
},
{
"name": "76238",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76238"
}
]
}
}

310
2015/2xxx/CVE-2015-2708.json
View File

@ -1,157 +1,157 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2015-2708", "ID": "CVE-2015-2708",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-46.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-46.html" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1120655", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1120655" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1143299", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1143299" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1151139", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1151139" ]
}, },
{ "references": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1152177", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1152177" "name": "USN-2602-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2602-1"
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "name": "RHSA-2015:0988",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-0988.html"
"name" : "https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7", },
"refsource" : "CONFIRM", {
"url" : "https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7" "name": "https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7"
"name" : "DSA-3260", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3260" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1120655",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1120655"
"name" : "DSA-3264", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3264" "name": "openSUSE-SU-2015:0892",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html"
"name" : "GLSA-201605-06", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201605-06" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1143299",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1143299"
"name" : "RHSA-2015:0988", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0988.html" "name": "DSA-3264",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3264"
"name" : "RHSA-2015:1012", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1012.html" "name": "DSA-3260",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3260"
"name" : "SUSE-SU-2015:0960", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html" "name": "SUSE-SU-2015:0978",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html"
"name" : "openSUSE-SU-2015:0934", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html" "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
"name" : "openSUSE-SU-2015:1266", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html" "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-46.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-46.html"
"name" : "SUSE-SU-2015:0978", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html" "name": "openSUSE-SU-2015:0934",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html"
"name" : "openSUSE-SU-2015:0892", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html" "name": "USN-2603-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2603-1"
"name" : "USN-2602-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2602-1" "name": "SUSE-SU-2015:0960",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html"
"name" : "USN-2603-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2603-1" "name": "RHSA-2015:1012",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1012.html"
"name" : "74615", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74615" "name": "openSUSE-SU-2015:1266",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
} },
} {
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1152177",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1152177"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1151139",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1151139"
},
{
"name": "GLSA-201605-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-06"
},
{
"name": "74615",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74615"
}
]
}
}

150
2015/6xxx/CVE-2015-6065.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-6065", "ID": "CVE-2015-6065",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6078."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20151201 Microsoft Internet Explorer CStyleRule Use-after-Free Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1210" "lang": "eng",
}, "value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6078."
{ }
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-229", ]
"refsource" : "MISC", },
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-229" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MS15-112", "description": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1034112", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1034112" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20151201 Microsoft Internet Explorer CStyleRule Use-after-Free Vulnerability",
"refsource": "IDEFENSE",
"url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1210"
},
{
"name": "1034112",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034112"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-229",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-229"
},
{
"name": "MS15-112",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112"
}
]
}
}

34
2015/6xxx/CVE-2015-6221.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-6221", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-6221",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

170
2015/6xxx/CVE-2015-6988.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-6988", "ID": "CVE-2015-6988",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT205370", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205370" "lang": "eng",
}, "value": "The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement."
{ }
"name" : "https://support.apple.com/HT205375", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT205375" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2015-10-21-1", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-10-21-4", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" ]
}, },
{ "references": {
"name" : "77263", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77263" "name": "APPLE-SA-2015-10-21-4",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
"name" : "1033929", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033929" "name": "APPLE-SA-2015-10-21-1",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html"
} },
} {
"name": "https://support.apple.com/HT205375",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205375"
},
{
"name": "https://support.apple.com/HT205370",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205370"
},
{
"name": "77263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77263"
},
{
"name": "1033929",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033929"
}
]
}
}

150
2015/6xxx/CVE-2015-6999.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-6999", "ID": "CVE-2015-6999",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT205370", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205370" "lang": "eng",
}, "value": "The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate."
{ }
"name" : "APPLE-SA-2015-10-21-1", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "77268", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77268" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033929", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033929" ]
} },
] "references": {
} "reference_data": [
} {
"name": "APPLE-SA-2015-10-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html"
},
{
"name": "https://support.apple.com/HT205370",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205370"
},
{
"name": "1033929",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033929"
},
{
"name": "77268",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77268"
}
]
}
}

34
2015/7xxx/CVE-2015-7132.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-7132", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-7132",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

150
2015/7xxx/CVE-2015-7786.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2015-7786", "ID": "CVE-2015-7786",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the NTT DATA Smart Sourcing JavaScript module 2003-11-26 through 2013-07-09 for Web Analytics Service allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://jvn.jp/en/jp/JVN70083512/995570/index.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://jvn.jp/en/jp/JVN70083512/995570/index.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the NTT DATA Smart Sourcing JavaScript module 2003-11-26 through 2013-07-09 for Web Analytics Service allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "http://www.nttdata-smart.co.jp/information/2015/000040.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.nttdata-smart.co.jp/information/2015/000040.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVN#70083512", "description": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/en/jp/JVN70083512/index.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "JVNDB-2015-000196", ]
"refsource" : "JVNDB", }
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000196" ]
} },
] "references": {
} "reference_data": [
} {
"name": "JVNDB-2015-000196",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000196"
},
{
"name": "http://www.nttdata-smart.co.jp/information/2015/000040.html",
"refsource": "CONFIRM",
"url": "http://www.nttdata-smart.co.jp/information/2015/000040.html"
},
{
"name": "JVN#70083512",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN70083512/index.html"
},
{
"name": "http://jvn.jp/en/jp/JVN70083512/995570/index.html",
"refsource": "CONFIRM",
"url": "http://jvn.jp/en/jp/JVN70083512/995570/index.html"
}
]
}
}

140
2016/0xxx/CVE-2016-0149.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-0149", "ID": "CVE-2016-0149",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows man-in-the-middle attackers to obtain sensitive cleartext information via vectors involving injection of cleartext data into the client-server data stream, aka \"TLS/SSL Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS16-065", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-065" "lang": "eng",
}, "value": "Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows man-in-the-middle attackers to obtain sensitive cleartext information via vectors involving injection of cleartext data into the client-server data stream, aka \"TLS/SSL Information Disclosure Vulnerability.\""
{ }
"name" : "90026", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/90026" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1035842", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035842" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1035842",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035842"
},
{
"name": "MS16-065",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-065"
},
{
"name": "90026",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90026"
}
]
}
}

130
2016/0xxx/CVE-2016-0241.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0241", "ID": "CVE-2016-0241",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21990219", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21990219" "lang": "eng",
}, "value": "IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP."
{ }
"name" : "93828", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93828" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93828",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93828"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21990219",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990219"
}
]
}
}

140
2016/0xxx/CVE-2016-0321.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0321", "ID": "CVE-2016-0321",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21981692", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21981692" "lang": "eng",
}, "value": "IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script."
{ }
"name" : "IT12006", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT12006" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "91751", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91751" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21981692",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981692"
},
{
"name": "91751",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91751"
},
{
"name": "IT12006",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT12006"
}
]
}
}

34
2016/0xxx/CVE-2016-0334.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-0334", "ID": "CVE-2016-0334",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2016/0xxx/CVE-2016-0941.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-0941", "ID": "CVE-2016-0941",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the Search object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0940."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://zerodayinitiative.com/advisories/ZDI-16-010", "description_data": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-16-010" "lang": "eng",
}, "value": "Use-after-free vulnerability in the Search object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0940."
{ }
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1034646", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034646" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1034646",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034646"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"name": "http://zerodayinitiative.com/advisories/ZDI-16-010",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-16-010"
}
]
}
}

140
2016/1000xxx/CVE-2016-1000150.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1000150", "ID": "CVE-2016-1000150",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Reflected XSS in wordpress plugin simplified-content v1.0.0"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.vapidlabs.com/wp/wp_advisory.php?v=853", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.vapidlabs.com/wp/wp_advisory.php?v=853" "lang": "eng",
}, "value": "Reflected XSS in wordpress plugin simplified-content v1.0.0"
{ }
"name" : "https://wordpress.org/plugins/simplified-content", ]
"refsource" : "MISC", },
"url" : "https://wordpress.org/plugins/simplified-content" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "93581", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93581" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.vapidlabs.com/wp/wp_advisory.php?v=853",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/wp/wp_advisory.php?v=853"
},
{
"name": "93581",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93581"
},
{
"name": "https://wordpress.org/plugins/simplified-content",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/simplified-content"
}
]
}
}

300
2016/10xxx/CVE-2016-10165.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10165", "ID": "CVE-2016-10165",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20170125 Re: CVE MLIST:[oss-security] 20170123 CVE request: lcms2 heap OOB read parsing crafted ICC profile", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2017/01/23/1" "lang": "eng",
}, "value": "The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read."
{ }
"name" : "[oss-security] 20170125 Re: CVE request: lcms2 heap OOB read parsing crafted ICC profile", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2017/01/25/14" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/mm2/Little-CMS/commit/5ca71a7bc18b6897ab21d815d15e218e204581e2", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/mm2/Little-CMS/commit/5ca71a7bc18b6897ab21d815d15e218e204581e2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" ]
}, },
{ "references": {
"name" : "https://security.netapp.com/advisory/ntap-20171019-0001/", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://security.netapp.com/advisory/ntap-20171019-0001/" "name": "USN-3770-2",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3770-2/"
"name" : "DSA-3774", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3774" "name": "DSA-3774",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2017/dsa-3774"
"name" : "RHSA-2017:3264", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:3264" "name": "RHSA-2016:2079",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2079.html"
"name" : "RHSA-2017:3267", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:3267" "name": "USN-3770-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3770-1/"
"name" : "RHSA-2017:3268", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:3268" "name": "RHSA-2017:3267",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:3267"
"name" : "RHSA-2017:3046", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:3046" "name": "RHSA-2017:3268",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:3268"
"name" : "RHSA-2017:2999", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:2999" "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
"name" : "RHSA-2017:3453", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:3453" "name": "RHSA-2017:3046",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:3046"
"name" : "RHSA-2016:2079", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2079.html" "name": "openSUSE-SU-2017:0336",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00174.html"
"name" : "RHSA-2016:2658", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2658.html" "name": "95808",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/95808"
"name" : "openSUSE-SU-2017:0336", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2017-01/msg00174.html" "name": "1039596",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1039596"
"name" : "USN-3770-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3770-1/" "name": "RHSA-2017:3264",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:3264"
"name" : "USN-3770-2", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3770-2/" "name": "[oss-security] 20170125 Re: CVE request: lcms2 heap OOB read parsing crafted ICC profile",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2017/01/25/14"
"name" : "95808", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95808" "name": "RHSA-2017:3453",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:3453"
"name" : "1039596", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039596" "name": "https://security.netapp.com/advisory/ntap-20171019-0001/",
} "refsource": "CONFIRM",
] "url": "https://security.netapp.com/advisory/ntap-20171019-0001/"
} },
} {
"name": "[oss-security] 20170125 Re: CVE MLIST:[oss-security] 20170123 CVE request: lcms2 heap OOB read parsing crafted ICC profile",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/23/1"
},
{
"name": "RHSA-2017:2999",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2999"
},
{
"name": "https://github.com/mm2/Little-CMS/commit/5ca71a7bc18b6897ab21d815d15e218e204581e2",
"refsource": "CONFIRM",
"url": "https://github.com/mm2/Little-CMS/commit/5ca71a7bc18b6897ab21d815d15e218e204581e2"
},
{
"name": "RHSA-2016:2658",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2658.html"
}
]
}
}

150
2016/10xxx/CVE-2016-10252.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10252", "ID": "CVE-2016-10252",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.imagemagick.org/repos/ImageMagick/commit/6790815c75bdea0357df5564345847856e995d6b", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://git.imagemagick.org/repos/ImageMagick/commit/6790815c75bdea0357df5564345847856e995d6b" "lang": "eng",
}, "value": "Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption."
{ }
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857426", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857426" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/Opendigitalradio/ODR-PadEnc/issues/2", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/Opendigitalradio/ODR-PadEnc/issues/2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3808", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2017/dsa-3808" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857426",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857426"
},
{
"name": "https://github.com/Opendigitalradio/ODR-PadEnc/issues/2",
"refsource": "CONFIRM",
"url": "https://github.com/Opendigitalradio/ODR-PadEnc/issues/2"
},
{
"name": "http://git.imagemagick.org/repos/ImageMagick/commit/6790815c75bdea0357df5564345847856e995d6b",
"refsource": "CONFIRM",
"url": "http://git.imagemagick.org/repos/ImageMagick/commit/6790815c75bdea0357df5564345847856e995d6b"
},
{
"name": "DSA-3808",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3808"
}
]
}
}

130
2016/4xxx/CVE-2016-4337.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2016-4337", "ID": "CVE-2016-4337",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "40046", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/40046/" "lang": "eng",
}, "value": "SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action."
{ }
"name" : "http://packetstormsecurity.com/files/137734/Ktools-Photostore-4.7.5-Blind-SQL-Injection.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/137734/Ktools-Photostore-4.7.5-Blind-SQL-Injection.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40046",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40046/"
},
{
"name": "http://packetstormsecurity.com/files/137734/Ktools-Photostore-4.7.5-Blind-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137734/Ktools-Photostore-4.7.5-Blind-SQL-Injection.html"
}
]
}
}

130
2016/9xxx/CVE-2016-9183.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9183", "ID": "CVE-2016-9183",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In /framework/modules/ecommerce/controllers/orderController.php of Exponent CMS 2.4.0, untrusted input is passed into selectObjectsBySql. The method selectObjectsBySql of class mysqli_database uses the injectProof method to prevent SQL injection, but this filter can be bypassed easily: it only sanitizes user input if there are odd numbers of ' or \" characters. Impact is Information Disclosure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/exponentcms/exponent-cms/commit/3b3557e9f6ba193a4c23c8ce5498fa285dddf3f3", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/exponentcms/exponent-cms/commit/3b3557e9f6ba193a4c23c8ce5498fa285dddf3f3" "lang": "eng",
}, "value": "In /framework/modules/ecommerce/controllers/orderController.php of Exponent CMS 2.4.0, untrusted input is passed into selectObjectsBySql. The method selectObjectsBySql of class mysqli_database uses the injectProof method to prevent SQL injection, but this filter can be bypassed easily: it only sanitizes user input if there are odd numbers of ' or \" characters. Impact is Information Disclosure."
{ }
"name" : "94227", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94227" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94227",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94227"
},
{
"name": "https://github.com/exponentcms/exponent-cms/commit/3b3557e9f6ba193a4c23c8ce5498fa285dddf3f3",
"refsource": "CONFIRM",
"url": "https://github.com/exponentcms/exponent-cms/commit/3b3557e9f6ba193a4c23c8ce5498fa285dddf3f3"
}
]
}
}

140
2016/9xxx/CVE-2016-9622.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9622", "ID": "CVE-2016-9622",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161123 Re: CVE request: w3m - multiple vulnerabilities", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/11/24/1" "lang": "eng",
}, "value": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page."
{ }
"name" : "https://github.com/tats/w3m/blob/master/ChangeLog", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/tats/w3m/blob/master/ChangeLog" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/tats/w3m/issues/32", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/tats/w3m/issues/32" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/tats/w3m/blob/master/ChangeLog",
"refsource": "CONFIRM",
"url": "https://github.com/tats/w3m/blob/master/ChangeLog"
},
{
"name": "https://github.com/tats/w3m/issues/32",
"refsource": "CONFIRM",
"url": "https://github.com/tats/w3m/issues/32"
},
{
"name": "[oss-security] 20161123 Re: CVE request: w3m - multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/24/1"
}
]
}
}

140
2016/9xxx/CVE-2016-9864.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9864", "ID": "CVE-2016-9864",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration storage database, and if the control user has the necessary privileges, read access to some tables of the MySQL database. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.phpmyadmin.net/security/PMASA-2016-69", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.phpmyadmin.net/security/PMASA-2016-69" "lang": "eng",
}, "value": "An issue was discovered in phpMyAdmin. With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the control user. This gives read and write access to the tables of the configuration storage database, and if the control user has the necessary privileges, read access to some tables of the MySQL database. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected."
{ }
"name" : "GLSA-201701-32", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201701-32" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "94533", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94533" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://www.phpmyadmin.net/security/PMASA-2016-69",
"refsource": "CONFIRM",
"url": "https://www.phpmyadmin.net/security/PMASA-2016-69"
},
{
"name": "GLSA-201701-32",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-32"
},
{
"name": "94533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94533"
}
]
}
}

34
2019/2xxx/CVE-2019-2043.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2043", "ID": "CVE-2019-2043",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2145.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2145", "ID": "CVE-2019-2145",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2600.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2600", "ID": "CVE-2019-2600",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3435.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3435", "ID": "CVE-2019-3435",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3605.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3605", "ID": "CVE-2019-3605",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3851.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3851", "ID": "CVE-2019-3851",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6494.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6494", "ID": "CVE-2019-6494",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6670.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6670", "ID": "CVE-2019-6670",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6795.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6795", "ID": "CVE-2019-6795",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6895.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6895", "ID": "CVE-2019-6895",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7410.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7410", "ID": "CVE-2019-7410",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7481.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7481", "ID": "CVE-2019-7481",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7584.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7584", "ID": "CVE-2019-7584",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2019/7xxx/CVE-2019-7737.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7737", "ID": "CVE-2019-7737",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A CSRF vulnerability was found in Verydows v2.0 that can add an admin account via index.php?m=backend&c=admin&a=add&step=submit."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/Verytops/verydows/issues/10", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/Verytops/verydows/issues/10" "lang": "eng",
} "value": "A CSRF vulnerability was found in Verydows v2.0 that can add an admin account via index.php?m=backend&c=admin&a=add&step=submit."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Verytops/verydows/issues/10",
"refsource": "MISC",
"url": "https://github.com/Verytops/verydows/issues/10"
}
]
}
}

34
2019/7xxx/CVE-2019-7932.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7932", "ID": "CVE-2019-7932",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8184.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8184", "ID": "CVE-2019-8184",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

122
2019/8xxx/CVE-2019-8276.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vulnerability@kaspersky.com", "ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC" : "2019-03-01T00:00:00", "DATE_PUBLIC": "2019-03-01T00:00:00",
"ID" : "CVE-2019-8276", "ID": "CVE-2019-8276",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "UltraVNC", "product_name": "UltraVNC",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.2.2.3" "version_value": "1.2.2.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Kaspersky Lab" "vendor_name": "Kaspersky Lab"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-121: Stack-based Buffer Overflow"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-023-ultravnc-stack-based-buffer-overflow/", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-023-ultravnc-stack-based-buffer-overflow/" "lang": "eng",
} "value": "UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-023-ultravnc-stack-based-buffer-overflow/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-023-ultravnc-stack-based-buffer-overflow/"
}
]
}
}

34
2019/8xxx/CVE-2019-8544.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8544", "ID": "CVE-2019-8544",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8803.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8803", "ID": "CVE-2019-8803",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2019/9xxx/CVE-2019-9632.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9632", "ID": "CVE-2019-9632",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.jsp because the InstallationPack parameter is mishandled in a /CDGServer3/ClientAjax request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.iwantacve.cn/index.php/archives/132/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.iwantacve.cn/index.php/archives/132/" "lang": "eng",
} "value": "ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.jsp because the InstallationPack parameter is mishandled in a /CDGServer3/ClientAjax request."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.iwantacve.cn/index.php/archives/132/",
"refsource": "MISC",
"url": "http://www.iwantacve.cn/index.php/archives/132/"
}
]
}
}

34
2019/9xxx/CVE-2019-9801.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9801", "ID": "CVE-2019-9801",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }