"-Synchronized-Data."

CVE Team 2019-03-17 21:43:29 +00:00
parent 118a9bbe54
commit b35c538208
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
46 changed files with 2934 additions and 2934 deletions


@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0268", "ID": "CVE-1999-0268",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MetaInfo MetaWeb web server allows users to upload, execute, and read scripts."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "110", "description_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/110" "lang": "eng",
}, "value": "MetaInfo MetaWeb web server allows users to upload, execute, and read scripts."
{ }
"name" : "3969", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/3969" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "110",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/110"
},
{
"name": "3969",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3969"
}
]
}
}


@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0562", "ID": "CVE-1999-0562",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The registry in Windows NT can be accessed remotely by users who are not administrators."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "oval:org.mitre.oval:def:1023", "description_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1023" "lang": "eng",
} "value": "The registry in Windows NT can be accessed remotely by users who are not administrators."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:1023",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1023"
}
]
}
}


@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0991", "ID": "CVE-1999-0991",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in GoodTech Telnet Server NT allows remote users to cause a denial of service via a long login name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "862", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/862" "lang": "eng",
} "value": "Buffer overflow in GoodTech Telnet Server NT allows remote users to cause a denial of service via a long login name."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "862",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/862"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1130", "ID": "CVE-1999-1130",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19990730 Netscape Enterprise Server yeilds source of JHTML", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=93346448121208&w=2" "lang": "eng",
}, "value": "Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file."
{ }
"name" : "19990730 Netscape Enterprise Server yeilds source of JHTML", ]
"refsource" : "NTBUGTRAQ", },
"url" : "http://marc.info/?l=ntbugtraq&m=93337389603117&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "559", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/559" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "19990730 Netscape Enterprise Server yeilds source of JHTML",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=93346448121208&w=2"
},
{
"name": "19990730 Netscape Enterprise Server yeilds source of JHTML",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=93337389603117&w=2"
},
{
"name": "559",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/559"
}
]
}
}


@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-1119", "ID": "CVE-2000-1119",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long \"x=\" argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20001201 Fixed local AIX V43 vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=97569466809056&w=2" "lang": "eng",
}, "value": "Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long \"x=\" argument."
{ }
"name" : "IY08812", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=IY08812&apar=only" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "IY10721", "description": [
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=IY10721&apar=only" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2032", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/2032" ]
}, },
{ "references": {
"name" : "aix-setsenv-bo(5621)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5621" "name": "2032",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/2032"
"name" : "1676", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/1676" "name": "IY10721",
} "refsource": "AIXAPAR",
] "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY10721&apar=only"
} },
} {
"name": "IY08812",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY08812&apar=only"
},
{
"name": "20001201 Fixed local AIX V43 vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=97569466809056&w=2"
},
{
"name": "1676",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1676"
},
{
"name": "aix-setsenv-bo(5621)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5621"
}
]
}
}
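Review bot: The `reference_data` array in this section comes back in a different order with no visible sort key (BUGTRAQ, AIXAPAR, AIXAPAR, BID, XF, OSVDB in the spaced-colon column; BID, AIXAPAR, AIXAPAR, BUGTRAQ, OSVDB, XF in the compact column), although the six entries themselves look unchanged. The same shuffle appears in the CVE-2005-2761, CVE-2005-3492, CVE-2005-3573, CVE-2007-5112 and CVE-2007-5120 sections. If the sync tool emitted references in a stable order, for example sorted by `refsource` then `name`, a formatting-only sync would not produce reference churn and a genuinely added or dropped reference would stand out in review. Until then, anything diffing these records should compare the references as a set rather than by position.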


@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2209", "ID": "CVE-2005-2209",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Capturix ScanShare 1.06 build 50 stores sensitive information such as the password in cleartext in capturixss_cfg.ini, which is readable by local users."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "1014409", "description_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1014409" "lang": "eng",
}, "value": "Capturix ScanShare 1.06 build 50 stores sensitive information such as the password in cleartext in capturixss_cfg.ini, which is readable by local users."
{ }
"name" : "15995", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/15995" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1014409",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014409"
},
{
"name": "15995",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15995"
}
]
}
}


@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2005-2761", "ID": "CVE-2005-2761",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in phpGroupWare 0.9.16.000 allows administrators to inject arbitrary web script or HTML by modifying the main screen message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://savannah.gnu.org/bugs/?func=detailitem&item_id=13863", "description_data": [
"refsource" : "MISC", {
"url" : "http://savannah.gnu.org/bugs/?func=detailitem&item_id=13863" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in phpGroupWare 0.9.16.000 allows administrators to inject arbitrary web script or HTML by modifying the main screen message."
{ }
"name" : "DSA-798", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2005/dsa-798" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1014832", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1014832" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "16558", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/16558" ]
} },
] "references": {
} "reference_data": [
} {
"name": "16558",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16558"
},
{
"name": "1014832",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014832"
},
{
"name": "DSA-798",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-798"
},
{
"name": "http://savannah.gnu.org/bugs/?func=detailitem&item_id=13863",
"refsource": "MISC",
"url": "http://savannah.gnu.org/bugs/?func=detailitem&item_id=13863"
}
]
}
}
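Review bot: The `ASSIGNER` value differs between the two columns on the second line of this record, `cve@mitre.org` in the spaced-colon column and `security@debian.org` in the compact one, and it is the only scalar value change visible on this page; everything else is colon spacing and reference order. Assuming the compact column is the new side, this changes which CNA the record is attributed to, and the commit title gives no hint of it. A content change like this is easier to audit when it lands separately from the bulk reformat, or is at least named in the commit message, so that consumers who key ownership or trust decisions on `ASSIGNER` can see when and why it moved.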


@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3492", "ID": "CVE-2005-3492",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "FlatFrag 0.3 and earlier allows remote attackers to cause a denial of service (crash) by sending an NT_CONN_OK command from a client that is not connected, which triggers a null dereference."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051102 Buffer-overflow and crash in FlatFrag 0.3", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://marc.info/?l=full-disclosure&m=113096078606274&w=2" "lang": "eng",
}, "value": "FlatFrag 0.3 and earlier allows remote attackers to cause a denial of service (crash) by sending an NT_CONN_OK command from a client that is not connected, which triggers a null dereference."
{ }
"name" : "20051102 Buffer-overflow and crash in FlatFrag 0.3", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/415636/30/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://aluigi.altervista.org/adv/flatfragz-adv.txt", "description": [
"refsource" : "MISC", {
"url" : "http://aluigi.altervista.org/adv/flatfragz-adv.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15287", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/15287" ]
}, },
{ "references": {
"name" : "ADV-2005-2285", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2285" "name": "http://aluigi.altervista.org/adv/flatfragz-adv.txt",
}, "refsource": "MISC",
{ "url": "http://aluigi.altervista.org/adv/flatfragz-adv.txt"
"name" : "20770", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/20770" "name": "ADV-2005-2285",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2005/2285"
} },
} {
"name": "15287",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15287"
},
{
"name": "20770",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20770"
},
{
"name": "20051102 Buffer-overflow and crash in FlatFrag 0.3",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/415636/30/0/threaded"
},
{
"name": "20051102 Buffer-overflow and crash in FlatFrag 0.3",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=113096078606274&w=2"
}
]
}
}


@ -1,172 +1,172 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3573", "ID": "CVE-2005-3573",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[Mailman-Users] 20050912 Uncaught runner exception: 'utf8' codeccan'tdecode bytes in position 1-4: invalid data", "description_data": [
"refsource" : "MLIST", {
"url" : "http://mail.python.org/pipermail/mailman-users/2005-September/046523.html" "lang": "eng",
}, "value": "Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash)."
{ }
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327732", ]
"refsource" : "CONFIRM", },
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327732" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-955", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-955" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "MDKSA-2005:222", ]
"refsource" : "MANDRIVA", }
"url" : "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:222" ]
}, },
{ "references": {
"name" : "RHSA-2006:0204", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0204.html" "name": "19167",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19167"
"name" : "20060401-01-U", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U" "name": "USN-242-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-242-1"
"name" : "SUSE-SR:2006:001", },
"refsource" : "SUSE", {
"url" : "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0003.html" "name": "18503",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18503"
"name" : "2006-0012", },
"refsource" : "TRUSTIX", {
"url" : "http://www.trustix.org/errata/2006/0012/" "name": "ADV-2005-2404",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2005/2404"
"name" : "USN-242-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-242-1" "name": "20060401-01-U",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U"
"name" : "15408", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15408" "name": "2006-0012",
}, "refsource": "TRUSTIX",
{ "url": "http://www.trustix.org/errata/2006/0012/"
"name" : "oval:org.mitre.oval:def:10038", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10038" "name": "RHSA-2006:0204",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0204.html"
"name" : "ADV-2005-2404", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2404" "name": "oval:org.mitre.oval:def:10038",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10038"
"name" : "20819", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/20819" "name": "20819",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/20819"
"name" : "1015735", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015735" "name": "mailman-utf8-scrubber-dos(23139)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23139"
"name" : "17511", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17511" "name": "18456",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18456"
"name" : "17874", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17874" "name": "1015735",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015735"
"name" : "18503", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18503" "name": "SUSE-SR:2006:001",
}, "refsource": "SUSE",
{ "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0003.html"
"name" : "18612", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18612" "name": "17874",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17874"
"name" : "19167", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19167" "name": "19532",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19532"
"name" : "19196", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19196" "name": "MDKSA-2005:222",
}, "refsource": "MANDRIVA",
{ "url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:222"
"name" : "18456", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18456" "name": "15408",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/15408"
"name" : "19532", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19532" "name": "18612",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18612"
"name" : "mailman-utf8-scrubber-dos(23139)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23139" "name": "17511",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/17511"
} },
} {
"name": "[Mailman-Users] 20050912 Uncaught runner exception: 'utf8' codeccan'tdecode bytes in position 1-4: invalid data",
"refsource": "MLIST",
"url": "http://mail.python.org/pipermail/mailman-users/2005-September/046523.html"
},
{
"name": "19196",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19196"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327732",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327732"
},
{
"name": "DSA-955",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-955"
}
]
}
}


@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5112", "ID": "CVE-2007-5112",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in session.cgi (aka the login page) in Google Urchin 5 5.7.03 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string, a different vulnerability than CVE-2007-4713. NOTE: this can be leveraged to capture login credentials in some browsers that support remembered (auto-completed) passwords."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070924 Google Urchin password theft madness", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/480469/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in session.cgi (aka the login page) in Google Urchin 5 5.7.03 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string, a different vulnerability than CVE-2007-4713. NOTE: this can be leveraged to capture login credentials in some browsers that support remembered (auto-completed) passwords."
{ }
"name" : "20071010 Vulnerabilities digest", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/482006/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://ha.ckers.org/blog/20070823/xss-and-possible-information-disclosure-in-urchin/", "description": [
"refsource" : "MISC", {
"url" : "http://ha.ckers.org/blog/20070823/xss-and-possible-information-disclosure-in-urchin/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://hackademix.net/2007/09/24/googhole-xss-pwning-gmail-picasa-and-almost-200k-customers/", ]
"refsource" : "MISC", }
"url" : "http://hackademix.net/2007/09/24/googhole-xss-pwning-gmail-picasa-and-almost-200k-customers/" ]
}, },
{ "references": {
"name" : "http://websecurity.com.ua/1283/", "reference_data": [
"refsource" : "MISC", {
"url" : "http://websecurity.com.ua/1283/" "name": "http://securityvulns.ru/Sdocument90.html",
}, "refsource": "MISC",
{ "url": "http://securityvulns.ru/Sdocument90.html"
"name" : "http://www.gnucitizen.org/blog/google-urchin-password-theft-madness", },
"refsource" : "MISC", {
"url" : "http://www.gnucitizen.org/blog/google-urchin-password-theft-madness" "name": "38578",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/38578"
"name" : "http://securityvulns.ru/Sdocument90.html", },
"refsource" : "MISC", {
"url" : "http://securityvulns.ru/Sdocument90.html" "name": "http://ha.ckers.org/blog/20070823/xss-and-possible-information-disclosure-in-urchin/",
}, "refsource": "MISC",
{ "url": "http://ha.ckers.org/blog/20070823/xss-and-possible-information-disclosure-in-urchin/"
"name" : "25788", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25788" "name": "20070924 Google Urchin password theft madness",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/480469/100/0/threaded"
"name" : "38578", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38578" "name": "http://www.gnucitizen.org/blog/google-urchin-password-theft-madness",
}, "refsource": "MISC",
{ "url": "http://www.gnucitizen.org/blog/google-urchin-password-theft-madness"
"name" : "3177", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3177" "name": "http://websecurity.com.ua/1283/",
} "refsource": "MISC",
] "url": "http://websecurity.com.ua/1283/"
} },
} {
"name": "20071010 Vulnerabilities digest",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
},
{
"name": "3177",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3177"
},
{
"name": "http://hackademix.net/2007/09/24/googhole-xss-pwning-gmail-picasa-and-almost-200k-customers/",
"refsource": "MISC",
"url": "http://hackademix.net/2007/09/24/googhole-xss-pwning-gmail-picasa-and-almost-200k-customers/"
},
{
"name": "25788",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25788"
}
]
}
}


@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5120", "ID": "CVE-2007-5120",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in JSPWiki 2.4.103 and 2.5.139-beta allow remote attackers to inject arbitrary web script or HTML via the (1) group and (2) members parameters in (a) NewGroup.jsp; the (3) edittime parameter in (b) Edit.jsp; the (4) edittime, (5) author, and (6) link parameters in (c) Comment.jsp; the (7) loginname, (8) wikiname, (9) fullname, and (10) email parameters in (d) UserPreferences.jsp and (e) Login.jsp; the (11) r1 and (12) r2 parameters in (f) Diff.jsp; and the (13) changenote parameter in (g) PageInfo.jsp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070925 JSPWiki Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/480570/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in JSPWiki 2.4.103 and 2.5.139-beta allow remote attackers to inject arbitrary web script or HTML via the (1) group and (2) members parameters in (a) NewGroup.jsp; the (3) edittime parameter in (b) Edit.jsp; the (4) edittime, (5) author, and (6) link parameters in (c) Comment.jsp; the (7) loginname, (8) wikiname, (9) fullname, and (10) email parameters in (d) UserPreferences.jsp and (e) Login.jsp; the (11) r1 and (12) r2 parameters in (f) Diff.jsp; and the (13) changenote parameter in (g) PageInfo.jsp."
{ }
"name" : "20070924 JSPWiki Multiple Input Validation Vulnerabilities", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/066096.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.ecyrd.com/~jalkanen/JSPWiki/2.4.104/ChangeLog", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.ecyrd.com/~jalkanen/JSPWiki/2.4.104/ChangeLog" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25803", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/25803" ]
}, },
{ "references": {
"name" : "26961", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26961" "name": "25803",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25803"
"name" : "3167", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3167" "name": "20070925 JSPWiki Multiple Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/480570/100/0/threaded"
"name" : "jspwiki-multiple-xss(36766)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36766" "name": "http://www.ecyrd.com/~jalkanen/JSPWiki/2.4.104/ChangeLog",
} "refsource": "CONFIRM",
] "url": "http://www.ecyrd.com/~jalkanen/JSPWiki/2.4.104/ChangeLog"
} },
} {
"name": "3167",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3167"
},
{
"name": "jspwiki-multiple-xss(36766)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36766"
},
{
"name": "20070924 JSPWiki Multiple Input Validation Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/066096.html"
},
{
"name": "26961",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26961"
}
]
}
}


@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2156", "ID": "CVE-2009-2156",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in TorrentTrader Classic 1.09 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Title field to requests.php, related to viewrequests.php; and (2) the Torrent Name field to torrents-upload.php, related to the logging of torrent uploads; and allow remote attackers to inject arbitrary web script or HTML via (3) the ttversion parameter to themes/default/footer.php, the (4) SITENAME and (5) CURUSER[username] parameters to themes/default/header.php, (6) the todayactive parameter to visitorstoday.php, (7) the activepeople parameter to visitorsnow.php, (8) the faq_categ[999][title] parameter to faq.php, and (9) the keepget parameter to torrents-details.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090615 [waraxe-2009-SA#074] - Multiple Vulnerabilities in TorrentTrader Classic 1.09", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/504294/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in TorrentTrader Classic 1.09 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Title field to requests.php, related to viewrequests.php; and (2) the Torrent Name field to torrents-upload.php, related to the logging of torrent uploads; and allow remote attackers to inject arbitrary web script or HTML via (3) the ttversion parameter to themes/default/footer.php, the (4) SITENAME and (5) CURUSER[username] parameters to themes/default/header.php, (6) the todayactive parameter to visitorstoday.php, (7) the activepeople parameter to visitorsnow.php, (8) the faq_categ[999][title] parameter to faq.php, and (9) the keepget parameter to torrents-details.php."
{ }
"name" : "8958", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/8958" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.waraxe.us/advisory-74.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.waraxe.us/advisory-74.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "35369", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/35369" ]
}, },
{ "references": {
"name" : "35456", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35456" "name": "torrenttrader-multiplescripts-xss(51145)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51145"
"name" : "torrenttrader-multiplescripts-xss(51145)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51145" "name": "35456",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35456"
"name" : "torrenttrader-viewrequests-xss(51144)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51144" "name": "35369",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/35369"
} },
} {
"name": "8958",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8958"
},
{
"name": "20090615 [waraxe-2009-SA#074] - Multiple Vulnerabilities in TorrentTrader Classic 1.09",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504294/100/0/threaded"
},
{
"name": "torrenttrader-viewrequests-xss(51144)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51144"
},
{
"name": "http://www.waraxe.us/advisory-74.html",
"refsource": "MISC",
"url": "http://www.waraxe.us/advisory-74.html"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2303", "ID": "CVE-2009-2303",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "index.php in Aardvark Topsites PHP 5.2.1 and earlier allows remote attackers to obtain sensitive information via a negative integer value for the start parameter in a search action, which reveals the installation path in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090625 Report vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/504574/100/0/threaded" "lang": "eng",
}, "value": "index.php in Aardvark Topsites PHP 5.2.1 and earlier allows remote attackers to obtain sensitive information via a negative integer value for the start parameter in a search action, which reveals the installation path in an error message."
{ }
"name" : "http://websec.id3as.com/aardvark-topsites-php-521-security-vulnerabilities-disclosure/", ]
"refsource" : "MISC", },
"url" : "http://websec.id3as.com/aardvark-topsites-php-521-security-vulnerabilities-disclosure/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "aardvarktopsitesphp-index-info-disclosure(51392)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51392" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20090625 Report vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504574/100/0/threaded"
},
{
"name": "aardvarktopsitesphp-index-info-disclosure(51392)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51392"
},
{
"name": "http://websec.id3as.com/aardvark-topsites-php-521-security-vulnerabilities-disclosure/",
"refsource": "MISC",
"url": "http://websec.id3as.com/aardvark-topsites-php-521-security-vulnerabilities-disclosure/"
}
]
}
}


@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2851", "ID": "CVE-2009-2851",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20090721 CVE Request -- WordPress", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2009/07/21/1" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL."
{ }
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=278492", ]
"refsource" : "CONFIRM", },
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=278492" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://wordpress.org/development/2009/07/wordpress-2-8-2/", "description": [
"refsource" : "CONFIRM", {
"url" : "http://wordpress.org/development/2009/07/wordpress-2-8-2/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=512900", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=512900" ]
}, },
{ "references": {
"name" : "DSA-1871", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2009/dsa-1871" "name": "[oss-security] 20090721 CVE Request -- WordPress",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2009/07/21/1"
"name" : "FEDORA-2009-8109", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01241.html" "name": "FEDORA-2009-8114",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01253.html"
"name" : "FEDORA-2009-8114", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01253.html" "name": "DSA-1871",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2009/dsa-1871"
"name" : "1022589", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1022589" "name": "http://wordpress.org/development/2009/07/wordpress-2-8-2/",
} "refsource": "CONFIRM",
] "url": "http://wordpress.org/development/2009/07/wordpress-2-8-2/"
} },
} {
"name": "FEDORA-2009-8109",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01241.html"
},
{
"name": "1022589",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022589"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=278492",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=278492"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=512900",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512900"
}
]
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2009-3685", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2009-3685",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none."
} }
] ]
} }
} }


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3935", "ID": "CVE-2009-3935",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx and 8730-2xx have unknown impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ftp://download2.boulder.ibm.com/ecc/sar/CMA/XSA/00pj6/0/ibm_fw_amm_bbet50g_anyos_noarch.chg", "description_data": [
"refsource" : "CONFIRM", {
"url" : "ftp://download2.boulder.ibm.com/ecc/sar/CMA/XSA/00pj6/0/ibm_fw_amm_bbet50g_anyos_noarch.chg" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in the Advanced Management Module firmware before 2.50G for the IBM BladeCenter T 8720-2xx and 8730-2xx have unknown impact and attack vectors."
{ }
"name" : "36970", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/36970" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2009-3188", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/3188" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "36970",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36970"
},
{
"name": "ADV-2009-3188",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3188"
},
{
"name": "ftp://download2.boulder.ibm.com/ecc/sar/CMA/XSA/00pj6/0/ibm_fw_amm_bbet50g_anyos_noarch.chg",
"refsource": "CONFIRM",
"url": "ftp://download2.boulder.ibm.com/ecc/sar/CMA/XSA/00pj6/0/ibm_fw_amm_bbet50g_anyos_noarch.chg"
}
]
}
}


@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-0008", "ID": "CVE-2015-0008",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not include authentication from the server to the client, which allows remote attackers to execute arbitrary code by making crafted data available on a UNC share, as demonstrated by Group Policy data from a spoofed domain controller, aka \"Group Policy Remote Code Execution Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.jasadvisors.com/additonal-jasbug-security-exploit-info/", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.jasadvisors.com/additonal-jasbug-security-exploit-info/" "lang": "eng",
}, "value": "The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not include authentication from the server to the client, which allows remote attackers to execute arbitrary code by making crafted data available on a UNC share, as demonstrated by Group Policy data from a spoofed domain controller, aka \"Group Policy Remote Code Execution Vulnerability.\""
{ }
"name" : "http://blogs.technet.com/b/srd/archive/2015/02/10/ms15-011-amp-ms15-014-hardening-group-policy.aspx", ]
"refsource" : "CONFIRM", },
"url" : "http://blogs.technet.com/b/srd/archive/2015/02/10/ms15-011-amp-ms15-014-hardening-group-policy.aspx" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MS15-011", "description": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-011" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "VU#787252", ]
"refsource" : "CERT-VN", }
"url" : "http://www.kb.cert.org/vuls/id/787252" ]
}, },
{ "references": {
"name" : "72477", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72477" "name": "MS15-011",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-011"
"name" : "1031719", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031719" "name": "VU#787252",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/787252"
"name" : "ms-grouppolicy-cve20150008-code-exec(100426)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100426" "name": "ms-grouppolicy-cve20150008-code-exec(100426)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100426"
} },
} {
"name": "http://blogs.technet.com/b/srd/archive/2015/02/10/ms15-011-amp-ms15-014-hardening-group-policy.aspx",
"refsource": "CONFIRM",
"url": "http://blogs.technet.com/b/srd/archive/2015/02/10/ms15-011-amp-ms15-014-hardening-group-policy.aspx"
},
{
"name": "1031719",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031719"
},
{
"name": "72477",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72477"
},
{
"name": "https://www.jasadvisors.com/additonal-jasbug-security-exploit-info/",
"refsource": "MISC",
"url": "https://www.jasadvisors.com/additonal-jasbug-security-exploit-info/"
}
]
}
}
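Review bot: The `ASSIGNER` value in `CVE_data_meta` for CVE-2015-0008 changes from `cve@mitre.org` to `secure@microsoft.com`, but the commit description does not mention it, and the change sits in a section where nearly every other line differs only by the space before the colon or by the position of a `reference_data` entry. The same kind of reassignment appears in the sections for CVE-2015-0873, CVE-2015-0980, CVE-2015-4851, CVE-2015-4880 and CVE-2015-4900. This field presumably identifies the CNA responsible for the record, so I would put the reassignments in a commit separate from the formatting pass, or at least name them in the description, e.g. `ASSIGNER updated for CVE-2015-0008, -0873, -0980, -4851, -4880, -4900`. Anyone tracking this data should compare parsed JSON rather than text lines, because the reordered `reference_data` arrays appear to hold the same entries yet show up as full rewrites.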


@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2015-0873", "ID": "CVE-2015-0873",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Homepage Decorator PerlTreeBBS 2.30 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "JVN#96155055", "description_data": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/en/jp/JVN96155055/index.html" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in Homepage Decorator PerlTreeBBS 2.30 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#96155055",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN96155055/index.html"
}
]
}
}


@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-0980", "ID": "CVE-2015-0980",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in BACnOPCServer.exe in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to execute arbitrary code via format string specifiers in a request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-069-03", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-069-03" "lang": "eng",
} "value": "Format string vulnerability in BACnOPCServer.exe in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to execute arbitrary code via format string specifiers in a request."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-069-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-069-03"
}
]
}
}


@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4173", "ID": "CVE-2015-4173",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150824 Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/536303/100/0/threaded" "lang": "eng",
}, "value": "Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder."
{ }
"name" : "http://packetstormsecurity.com/files/133302/Dell-SonicWall-NetExtender-7.5.215-Privilege-Escalation.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/133302/Dell-SonicWall-NetExtender-7.5.215-Privilege-Escalation.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.software.dell.com/product-notification/157537", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.software.dell.com/product-notification/157537" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033417", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033417" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://packetstormsecurity.com/files/133302/Dell-SonicWall-NetExtender-7.5.215-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/133302/Dell-SonicWall-NetExtender-7.5.215-Privilege-Escalation.html"
},
{
"name": "20150824 Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536303/100/0/threaded"
},
{
"name": "1033417",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033417"
},
{
"name": "https://support.software.dell.com/product-notification/157537",
"refsource": "CONFIRM",
"url": "https://support.software.dell.com/product-notification/157537"
}
]
}
}


@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4851", "ID": "CVE-2015-4851",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to XML input. NOTE: the previous information is from the October 2015 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability, which allows remote attackers to read arbitrary files, cause a denial of service, or conduct SMB Relay attacks via a crafted DTD in an XML request to OA_HTML/oramipp_lpr."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20151029 [ERPSCAN-15-030] Oracle E-Business Suite - XXE injection Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/536790/100/0/threaded" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to XML input. NOTE: the previous information is from the October 2015 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability, which allows remote attackers to read arbitrary files, cause a denial of service, or conduct SMB Relay attacks via a crafted DTD in an XML request to OA_HTML/oramipp_lpr."
{ }
"name" : "20151030 [ERPSCAN-15-030] Oracle E-Business Suite - XXE injection Vulnerability", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2015/Oct/113" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://erpscan.io/advisories/erpscan-15-030-oracle-e-business-suite-xxe/", "description": [
"refsource" : "MISC", {
"url" : "https://erpscan.io/advisories/erpscan-15-030-oracle-e-business-suite-xxe/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://packetstormsecurity.com/files/134119/Oracle-E-Business-Suite-12.1.3-XXE-Injection.html", ]
"refsource" : "MISC", }
"url" : "http://packetstormsecurity.com/files/134119/Oracle-E-Business-Suite-12.1.3-XXE-Injection.html" ]
}, },
{ "references": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" "name": "1033877",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033877"
"name" : "77244", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77244" "name": "https://erpscan.io/advisories/erpscan-15-030-oracle-e-business-suite-xxe/",
}, "refsource": "MISC",
{ "url": "https://erpscan.io/advisories/erpscan-15-030-oracle-e-business-suite-xxe/"
"name" : "1033877", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033877" "name": "20151030 [ERPSCAN-15-030] Oracle E-Business Suite - XXE injection Vulnerability",
} "refsource": "FULLDISC",
] "url": "http://seclists.org/fulldisclosure/2015/Oct/113"
} },
} {
"name": "http://packetstormsecurity.com/files/134119/Oracle-E-Business-Suite-12.1.3-XXE-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134119/Oracle-E-Business-Suite-12.1.3-XXE-Injection.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "77244",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77244"
},
{
"name": "20151029 [ERPSCAN-15-030] Oracle E-Business Suite - XXE injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536790/100/0/threaded"
}
]
}
}


@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4880", "ID": "CVE-2015-4880",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 allows remote attackers to affect integrity via unknown vectors related to Content Server, a different vulnerability than CVE-2015-4867."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 allows remote attackers to affect integrity via unknown vectors related to Content Server, a different vulnerability than CVE-2015-4867."
{ }
"name" : "1033898", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1033898" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "1033898",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033898"
}
]
}
}


@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4900", "ID": "CVE-2015-4900",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors."
{ }
"name" : "1033883", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1033883" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033883",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033883"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
}
]
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8132", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8132",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-7263. Reason: This candidate is a reservation duplicate of CVE-2015-7263. Notes: All CVE users should reference CVE-2015-7263 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-7263. Reason: This candidate is a reservation duplicate of CVE-2015-7263. Notes: All CVE users should reference CVE-2015-7263 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }
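Review bot: The new side of this record orders its keys differently from the other records visible in this commit: `data_type`, `data_format` and `data_version` now come before `CVE_data_meta`, and `ID` precedes `ASSIGNER`, while the neighbouring files keep `CVE_data_meta` first with keys in alphabetical order. Key order carries no meaning in JSON, but the mix suggests this file went through a different serializer than the rest. Writing it with the same sorted-key order would keep the records uniform and avoid a spurious reorder diff on the next sync.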


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8347", "ID": "CVE-2015-8347",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8788", "ID": "CVE-2015-8788",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8833", "ID": "CVE-2015-8833",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the \"Authenticate buddy\" menu item."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[OTR-users] 20160309 New releases of libotr (4.1.1) and pidgin-otr (4.0.2) available", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.cypherpunks.ca/pipermail/otr-users/2016-March/002582.html" "lang": "eng",
}, "value": "Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the \"Authenticate buddy\" menu item."
{ }
"name" : "[oss-security] 20160309 Heap use after free in Pidgin-OTR plugin", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/03/09/8" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20160309 Re: Heap use after free in Pidgin-OTR plugin", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/03/09/13" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://blog.fuzzing-project.org/39-Heap-use-after-free-in-Pidgin-OTR-plugin-CVE-2015-8833.html", ]
"refsource" : "MISC", }
"url" : "https://blog.fuzzing-project.org/39-Heap-use-after-free-in-Pidgin-OTR-plugin-CVE-2015-8833.html" ]
}, },
{ "references": {
"name" : "https://bugs.otr.im/issues/128", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.otr.im/issues/128" "name": "DSA-3528",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3528"
"name" : "https://bugs.otr.im/issues/88", },
"refsource" : "CONFIRM", {
"url" : "https://bugs.otr.im/issues/88" "name": "SUSE-SU-2016:0912",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00095.html"
"name" : "https://bugs.otr.im/projects/pidgin-otr/repository/revisions/aaf551b9dd5cbba8c4abaa3d4dc7ead860efef94", },
"refsource" : "CONFIRM", {
"url" : "https://bugs.otr.im/projects/pidgin-otr/repository/revisions/aaf551b9dd5cbba8c4abaa3d4dc7ead860efef94" "name": "[OTR-users] 20160309 New releases of libotr (4.1.1) and pidgin-otr (4.0.2) available",
}, "refsource": "MLIST",
{ "url": "https://lists.cypherpunks.ca/pipermail/otr-users/2016-March/002582.html"
"name" : "DSA-3528", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3528" "name": "https://bugs.otr.im/projects/pidgin-otr/repository/revisions/aaf551b9dd5cbba8c4abaa3d4dc7ead860efef94",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.otr.im/projects/pidgin-otr/repository/revisions/aaf551b9dd5cbba8c4abaa3d4dc7ead860efef94"
"name" : "GLSA-201701-10", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-10" "name": "https://bugs.otr.im/issues/128",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.otr.im/issues/128"
"name" : "SUSE-SU-2016:0912", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00095.html" "name": "https://bugs.otr.im/issues/88",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.otr.im/issues/88"
"name" : "openSUSE-SU-2016:0878", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00109.html" "name": "https://blog.fuzzing-project.org/39-Heap-use-after-free-in-Pidgin-OTR-plugin-CVE-2015-8833.html",
}, "refsource": "MISC",
{ "url": "https://blog.fuzzing-project.org/39-Heap-use-after-free-in-Pidgin-OTR-plugin-CVE-2015-8833.html"
"name" : "84295", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/84295" "name": "GLSA-201701-10",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201701-10"
} },
} {
"name": "openSUSE-SU-2016:0878",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00109.html"
},
{
"name": "[oss-security] 20160309 Re: Heap use after free in Pidgin-OTR plugin",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/03/09/13"
},
{
"name": "84295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84295"
},
{
"name": "[oss-security] 20160309 Heap use after free in Pidgin-OTR plugin",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/03/09/8"
}
]
}
}


@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8857", "ID": "CVE-2015-8857",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160420 various vulnerabilities in Node.js packages", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/04/20/11" "lang": "eng",
}, "value": "The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript."
{ }
"name" : "https://nodesecurity.io/advisories/39", ]
"refsource" : "CONFIRM", },
"url" : "https://nodesecurity.io/advisories/39" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "96410", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/96410" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "96410",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96410"
},
{
"name": "https://nodesecurity.io/advisories/39",
"refsource": "CONFIRM",
"url": "https://nodesecurity.io/advisories/39"
},
{
"name": "[oss-security] 20160420 various vulnerabilities in Node.js packages",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/04/20/11"
}
]
}
}


@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2015-9124", "ID": "CVE-2015-9124",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile", "product_name": "Snapdragon Mobile",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9625, MDM9635M, MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, SD 810" "version_value": "MDM9625, MDM9635M, MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, SD 810"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, the device may crash while accessing an invalid pointer or expose otherwise inaccessible memory contents."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Exposure in Core."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, the device may crash while accessing an invalid pointer or expose otherwise inaccessible memory contents."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Information Exposure in Core."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}


@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-5699", "ID": "CVE-2016-5699",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160614 CVE request: Python HTTP header injection in urrlib2/urllib/httplib/http.client", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/06/14/7" "lang": "eng",
}, "value": "CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL."
{ }
"name" : "[oss-security] 20160615 Re: CVE request: Python HTTP header injection in urrlib2/urllib/httplib/http.client", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/06/15/12" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20160616 Re: CVE request: Python HTTP header injection in urrlib2/urllib/httplib/http.client", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/06/16/2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[debian-lts-announce] 20190207 [SECURITY] [DLA 1663-1] python3.4 security update", ]
"refsource" : "MLIST", }
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html" ]
}, },
{ "references": {
"name" : "http://blog.blindspotsecurity.com/2016/06/advisory-http-header-injection-in.html", "reference_data": [
"refsource" : "MISC", {
"url" : "http://blog.blindspotsecurity.com/2016/06/advisory-http-header-injection-in.html" "name": "http://www.splunk.com/view/SP-CAAAPUE",
}, "refsource": "CONFIRM",
{ "url": "http://www.splunk.com/view/SP-CAAAPUE"
"name" : "https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-4", },
"refsource" : "CONFIRM", {
"url" : "https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-4" "name": "https://hg.python.org/cpython/rev/1c45047c5102",
}, "refsource": "CONFIRM",
{ "url": "https://hg.python.org/cpython/rev/1c45047c5102"
"name" : "https://hg.python.org/cpython/raw-file/v2.7.10/Misc/NEWS", },
"refsource" : "CONFIRM", {
"url" : "https://hg.python.org/cpython/raw-file/v2.7.10/Misc/NEWS" "name": "RHSA-2016:1630",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1630.html"
"name" : "https://hg.python.org/cpython/rev/1c45047c5102", },
"refsource" : "CONFIRM", {
"url" : "https://hg.python.org/cpython/rev/1c45047c5102" "name": "RHSA-2016:1627",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1627.html"
"name" : "https://hg.python.org/cpython/rev/bf3e1c9b80e9", },
"refsource" : "CONFIRM", {
"url" : "https://hg.python.org/cpython/rev/bf3e1c9b80e9" "name": "https://hg.python.org/cpython/rev/bf3e1c9b80e9",
}, "refsource": "CONFIRM",
{ "url": "https://hg.python.org/cpython/rev/bf3e1c9b80e9"
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" "name": "RHSA-2016:1629",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1629.html"
"name" : "http://www.splunk.com/view/SP-CAAAPSV", },
"refsource" : "CONFIRM", {
"url" : "http://www.splunk.com/view/SP-CAAAPSV" "name": "http://www.splunk.com/view/SP-CAAAPSV",
}, "refsource": "CONFIRM",
{ "url": "http://www.splunk.com/view/SP-CAAAPSV"
"name" : "http://www.splunk.com/view/SP-CAAAPUE", },
"refsource" : "CONFIRM", {
"url" : "http://www.splunk.com/view/SP-CAAAPUE" "name": "[oss-security] 20160616 Re: CVE request: Python HTTP header injection in urrlib2/urllib/httplib/http.client",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/06/16/2"
"name" : "RHSA-2016:1626", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1626.html" "name": "[debian-lts-announce] 20190207 [SECURITY] [DLA 1663-1] python3.4 security update",
}, "refsource": "MLIST",
{ "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html"
"name" : "RHSA-2016:1627", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1627.html" "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
"name" : "RHSA-2016:1628", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1628.html" "name": "https://hg.python.org/cpython/raw-file/v2.7.10/Misc/NEWS",
}, "refsource": "CONFIRM",
{ "url": "https://hg.python.org/cpython/raw-file/v2.7.10/Misc/NEWS"
"name" : "RHSA-2016:1629", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1629.html" "name": "https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-4",
}, "refsource": "CONFIRM",
{ "url": "https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-4"
"name" : "RHSA-2016:1630", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1630.html" "name": "[oss-security] 20160615 Re: CVE request: Python HTTP header injection in urrlib2/urllib/httplib/http.client",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/06/15/12"
"name" : "91226", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91226" "name": "http://blog.blindspotsecurity.com/2016/06/advisory-http-header-injection-in.html",
} "refsource": "MISC",
] "url": "http://blog.blindspotsecurity.com/2016/06/advisory-http-header-injection-in.html"
} },
} {
"name": "[oss-security] 20160614 CVE request: Python HTTP header injection in urrlib2/urllib/httplib/http.client",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/14/7"
},
{
"name": "91226",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91226"
},
{
"name": "RHSA-2016:1628",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1628.html"
},
{
"name": "RHSA-2016:1626",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1626.html"
}
]
}
}


@ -1,19 +1,19 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-09-26", "DATE_ASSIGNED": "2018-09-26",
"ID" : "CVE-2018-1002104", "ID": "CVE-2018-1002104",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,65 +1,65 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-07-20T20:44:32.985224", "DATE_ASSIGNED": "2018-07-20T20:44:32.985224",
"DATE_REQUESTED" : "2018-07-17T04:00:28", "DATE_REQUESTED": "2018-07-17T04:00:28",
"ID" : "CVE-2018-1999018", "ID": "CVE-2018-1999018",
"REQUESTER" : "mike.gualtieri@gmail.com", "REQUESTER": "mike.gualtieri@gmail.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Pydio", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "8.2.1 and prior" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Pydio" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Pydio version 8.2.1 and prior contains an Unvalidated user input leading to Remote Code Execution (RCE) vulnerability in plugins/action.antivirus/AntivirusScanner.php: Line 124, scanNow($nodeObject) that can result in An attacker gaining admin access and can then execute arbitrary commands on the underlying OS. This attack appear to be exploitable via The attacker edits the Antivirus Command in the antivirus plugin, and executes the payload by uploading any file within Pydio."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Unvalidated user input leading to Remote Code Execution (RCE)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.mike-gualtieri.com/files/Pydio-8-VulnerabilityDisclosure-Jul18.txt", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.mike-gualtieri.com/files/Pydio-8-VulnerabilityDisclosure-Jul18.txt" "lang": "eng",
} "value": "Pydio version 8.2.1 and prior contains an Unvalidated user input leading to Remote Code Execution (RCE) vulnerability in plugins/action.antivirus/AntivirusScanner.php: Line 124, scanNow($nodeObject) that can result in An attacker gaining admin access and can then execute arbitrary commands on the underlying OS. This attack appear to be exploitable via The attacker edits the Antivirus Command in the antivirus plugin, and executes the payload by uploading any file within Pydio."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mike-gualtieri.com/files/Pydio-8-VulnerabilityDisclosure-Jul18.txt",
"refsource": "MISC",
"url": "https://www.mike-gualtieri.com/files/Pydio-8-VulnerabilityDisclosure-Jul18.txt"
}
]
}
}
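Review bot: The new side of this record replaces populated structured fields with `n/a`: `product_name` (was `Pydio`), `version_value` (was `8.2.1 and prior`), `vendor_name` (was `Pydio`) and the `problemtype` value (was `Unvalidated user input leading to Remote Code Execution (RCE)`), while the free-text description still names Pydio 8.2.1. Tooling that matches on the vendor, product and version fields rather than parsing the description would no longer associate CVE-2018-1999018 with the affected product. If this sync is meant to be a formatting pass, the earlier values should be kept, e.g. `"product_name": "Pydio"`, `"version_value": "8.2.1 and prior"`, `"vendor_name": "Pydio"`. The same hunk changes `ASSIGNER` from `kurt@seifried.org` to `cve@mitre.org`, which alters the recorded provenance and is worth confirming as intended.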


@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2664", "ID": "CVE-2018-2664",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Sun ZFS Storage Appliance Kit (AK) Software", "product_name": "Sun ZFS Storage Appliance Kit (AK) Software",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "8.7.13" "version_value": "8.7.13"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported version that is affected is Prior to 8.7.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). While the vulnerability is in Sun ZFS Storage Appliance Kit (AK), attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). While the vulnerability is in Sun ZFS Storage Appliance Kit (AK), attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Sun ZFS Storage Appliance Kit (AK)."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" "lang": "eng",
}, "value": "Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported version that is affected is Prior to 8.7.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). While the vulnerability is in Sun ZFS Storage Appliance Kit (AK), attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Sun ZFS Storage Appliance Kit (AK). CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)."
{ }
"name" : "102594", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/102594" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040215", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040215" "lang": "eng",
} "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance Kit (AK). While the vulnerability is in Sun ZFS Storage Appliance Kit (AK), attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Sun ZFS Storage Appliance Kit (AK)."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "1040215",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040215"
},
{
"name": "102594",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102594"
}
]
}
}


@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6639", "ID": "CVE-2018-6639",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An out-of-bounds write (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. A size used by memmove is read from the input file. This is fixed in 6.9d."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.dessci.com/en/dl/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.dessci.com/en/dl/" "lang": "eng",
}, "value": "An out-of-bounds write (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. A size used by memmove is read from the input file. This is fixed in 6.9d."
{ }
"name" : "https://drive.google.com/open?id=175_n6KhbOUlu9l0ySw-8QYk0oQbAaoZV", ]
"refsource" : "MISC", },
"url" : "https://drive.google.com/open?id=175_n6KhbOUlu9l0ySw-8QYk0oQbAaoZV" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://drive.google.com/open?id=175_n6KhbOUlu9l0ySw-8QYk0oQbAaoZV",
"refsource": "MISC",
"url": "https://drive.google.com/open?id=175_n6KhbOUlu9l0ySw-8QYk0oQbAaoZV"
},
{
"name": "http://www.dessci.com/en/dl/",
"refsource": "MISC",
"url": "http://www.dessci.com/en/dl/"
}
]
}
}


@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@mcafee.com", "ASSIGNER": "psirt@mcafee.com",
"ID" : "CVE-2018-6692", "ID": "CVE-2018-6692",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Wemo Insight Smart Plug - Remote Code Execution vulnerability" "TITLE": "Wemo Insight Smart Plug - Remote Code Execution vulnerability"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Wemo Insight Smart Plug ", "product_name": "Wemo Insight Smart Plug ",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<=", "affected": "<=",
"platform" : "MIPS", "platform": "MIPS",
"version_name" : "WeMo_WW_2.00.11054.PVT-OWRT-Insight", "version_name": "WeMo_WW_2.00.11054.PVT-OWRT-Insight",
"version_value" : "2.00.11054" "version_value": "2.00.11054"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Belkin" "vendor_name": "Belkin"
} }
]
}
},
"credit" : [
{
"lang" : "eng",
"value" : "Doug McKee and the McAfee Advanced Threat Research team."
}
],
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based Buffer Overflow vulnerability in libUPnPHndlr.so in Belkin Wemo Insight Smart Plug allows remote attackers to bypass local security protection via a crafted HTTP post packet."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "HIGH",
"attackVector" : "NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 5.9,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Stack-based Buffer Overflow vulnerability"
}
] ]
} }
] },
}, "credit": [
"references" : { {
"reference_data" : [ "lang": "eng",
{ "value": "Doug McKee and the McAfee Advanced Threat Research team."
"name" : "https://securingtomorrow.mcafee.com/mcafee-labs/insight-into-home-automation-reveals-vulnerability-in-simple-iot-product", }
"refsource" : "CONFIRM", ],
"url" : "https://securingtomorrow.mcafee.com/mcafee-labs/insight-into-home-automation-reveals-vulnerability-in-simple-iot-product" "data_format": "MITRE",
} "data_type": "CVE",
] "data_version": "4.0",
}, "description": {
"source" : { "description_data": [
"discovery" : "EXTERNAL" {
} "lang": "eng",
} "value": "Stack-based Buffer Overflow vulnerability in libUPnPHndlr.so in Belkin Wemo Insight Smart Plug allows remote attackers to bypass local security protection via a crafted HTTP post packet."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://securingtomorrow.mcafee.com/mcafee-labs/insight-into-home-automation-reveals-vulnerability-in-simple-iot-product",
"refsource": "CONFIRM",
"url": "https://securingtomorrow.mcafee.com/mcafee-labs/insight-into-home-automation-reveals-vulnerability-in-simple-iot-product"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}


@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security-alert@hpe.com", "ASSIGNER": "security-alert@hpe.com",
"ID" : "CVE-2018-7114", "ID": "CVE-2018-7114",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "HPE Intelligent Management Center (IMC)", "product_name": "HPE Intelligent Management Center (IMC)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to IMC PLAT 7.3 (E0605P06)" "version_value": "prior to IMC PLAT 7.3 (E0605P06)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Hewlett Packard Enterprise" "vendor_name": "Hewlett Packard Enterprise"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "remote code execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03906en_us", "description_data": [
"refsource" : "MISC", {
"url" : "https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03906en_us" "lang": "eng",
}, "value": "HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions."
{ }
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03906en_us", ]
"refsource" : "CONFIRM", },
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03906en_us" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "106211", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/106211" "lang": "eng",
}, "value": "remote code execution"
{ }
"name" : "1042182", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1042182" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1042182",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042182"
},
{
"name": "106211",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106211"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03906en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03906en_us"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03906en_us",
"refsource": "MISC",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03906en_us"
}
]
}
}


@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7178", "ID": "CVE-2018-7178",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL Injection exists in the Saxum Picker 3.2.10 component for Joomla! via the publicid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "44136", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/44136" "lang": "eng",
} "value": "SQL Injection exists in the Saxum Picker 3.2.10 component for Joomla! via the publicid parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44136",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44136"
}
]
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7610", "ID": "CVE-2018-7610",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1189", "ID": "CVE-2019-1189",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1586", "ID": "CVE-2019-1586",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC" : "2019-02-06T16:00:00-0800", "DATE_PUBLIC": "2019-02-06T16:00:00-0800",
"ID" : "CVE-2019-1678", "ID": "CVE-2019-1678",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Cisco Meeting Server Denial of Service Vulnerability" "TITLE": "Cisco Meeting Server Denial of Service Vulnerability"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco Meeting Server ", "product_name": "Cisco Meeting Server ",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "2.4.3" "version_value": "2.4.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cisco" "vendor_name": "Cisco"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in Cisco Meeting Server could allow an authenticated, remote attacker to cause a partial denial of service (DoS) to Cisco Meetings application users who are paired with a Session Initiation Protocol (SIP) endpoint. The vulnerability is due to improper validation of coSpaces configuration parameters. An attacker could exploit this vulnerability by inserting crafted strings in specific coSpace parameters. An exploit could allow the attacker to prevent clients from joining a conference call in the affected coSpace. Versions prior to 2.4.3 are affected."
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact" : {
"cvss" : {
"baseScore" : "4.3",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L ",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-20"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20190206 Cisco Meeting Server Denial of Service Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-cms-dos" "lang": "eng",
}, "value": "A vulnerability in Cisco Meeting Server could allow an authenticated, remote attacker to cause a partial denial of service (DoS) to Cisco Meetings application users who are paired with a Session Initiation Protocol (SIP) endpoint. The vulnerability is due to improper validation of coSpaces configuration parameters. An attacker could exploit this vulnerability by inserting crafted strings in specific coSpace parameters. An exploit could allow the attacker to prevent clients from joining a conference call in the affected coSpace. Versions prior to 2.4.3 are affected."
{ }
"name" : "106943", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106943" "exploit": [
} {
] "lang": "eng",
}, "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
"source" : { }
"advisory" : "cisco-sa-20190206-cms-dos", ],
"defect" : [ "impact": {
[ "cvss": {
"CSCvn16684" "baseScore": "4.3",
] "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L ",
], "version": "3.0"
"discovery" : "INTERNAL" }
} },
} "problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106943",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106943"
},
{
"name": "20190206 Cisco Meeting Server Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-cms-dos"
}
]
},
"source": {
"advisory": "cisco-sa-20190206-cms-dos",
"defect": [
[
"CSCvn16684"
]
],
"discovery": "INTERNAL"
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1889", "ID": "CVE-2019-1889",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5211", "ID": "CVE-2019-5211",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5442", "ID": "CVE-2019-5442",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }


@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secteam@freebsd.org", "ASSIGNER": "secteam@freebsd.org",
"ID" : "CVE-2019-5595", "ID": "CVE-2019-5595",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "FreeBSD", "product_name": "FreeBSD",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "FreeBSD 11.2 before 11.2-RELEASE-p9 and 12.0 before 12.0-RELEASE-p3" "version_value": "FreeBSD 11.2 before 11.2-RELEASE-p9 and 12.0 before 12.0-RELEASE-p3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "FreeBSD" "vendor_name": "FreeBSD"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, 12.0-STABLE(r343781), and 12.0-RELEASE-p3, kernel callee-save registers are not properly sanitized before return from system calls, potentially allowing some kernel data used in the system call to be exposed."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Improper Cross-boundary Removal of Sensitive Data"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "FreeBSD-SA-19:01", "description_data": [
"refsource" : "FREEBSD", {
"url" : "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:01.syscall.asc" "lang": "eng",
} "value": "In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, 12.0-STABLE(r343781), and 12.0-RELEASE-p3, kernel callee-save registers are not properly sanitized before return from system calls, potentially allowing some kernel data used in the system call to be exposed."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Cross-boundary Removal of Sensitive Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-19:01",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:01.syscall.asc"
}
]
}
}


@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5866", "ID": "CVE-2019-5866",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }