admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:31:03 +00:00
parent c31544f7f1
commit b694c868f0
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
52 changed files with 3260 additions and 3260 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
1999/1xxx/CVE-1999-1364.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1364", "ID": "CVE-1999-1364",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "Q142653", "description_data": [
"refsource" : "MSKB", {
"url" : "http://support.microsoft.com/support/kb/articles/q142/6/53.asp" "lang": "eng",
}, "value": "Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext."
{ }
"name" : "nt-threadcontext-dos(7421)", ]
"refsource" : "XF", },
"url" : "http://www.iss.net/security_center/static/7421.php" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "nt-threadcontext-dos(7421)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7421.php"
},
{
"name": "Q142653",
"refsource": "MSKB",
"url": "http://support.microsoft.com/support/kb/articles/q142/6/53.asp"
}
]
}
}

140
2000/1xxx/CVE-2000-1033.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-1033", "ID": "CVE-2000-1033",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Serv-U FTP Server allows remote attackers to bypass its anti-hammering feature by first logging on as a valid user (possibly anonymous) and then attempting to guess the passwords of other users."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20001029 Brute Forcing FTP Servers with enabled anti-hammering (anti brute-force) modus", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/141905" "lang": "eng",
}, "value": "Serv-U FTP Server allows remote attackers to bypass its anti-hammering feature by first logging on as a valid user (possibly anonymous) and then attempting to guess the passwords of other users."
{ }
"name" : "1860", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1860" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ftp-servu-brute-force(5436)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5436" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "ftp-servu-brute-force(5436)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5436"
},
{
"name": "20001029 Brute Forcing FTP Servers with enabled anti-hammering (anti brute-force) modus",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/141905"
},
{
"name": "1860",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1860"
}
]
}
}

250
2005/2xxx/CVE-2005-2494.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2005-2494", "ID": "CVE-2005-2494",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050907 [ Suresec Advisories ] - Kcheckpass file creation vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112611555928169&w=2" "lang": "eng",
}, "value": "kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files."
{ }
"name" : "http://www.suresec.org/advisories/adv6.pdf", ]
"refsource" : "MISC", },
"url" : "http://www.suresec.org/advisories/adv6.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20050905 [KDE Security Advisory] kcheckpass local root vulnerability", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112603999215453&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.kde.org/info/security/advisory-20050905-1.txt", ]
"refsource" : "CONFIRM", }
"url" : "http://www.kde.org/info/security/advisory-20050905-1.txt" ]
}, },
{ "references": {
"name" : "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.2-kdebase-kcheckpass.diff", "reference_data": [
"refsource" : "MISC", {
"url" : "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.2-kdebase-kcheckpass.diff" "name": "MDKSA-2005:160",
}, "refsource": "MANDRAKE",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:160"
"name" : "DSA-815", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2005/dsa-815" "name": "20050905 [KDE Security Advisory] kcheckpass local root vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=112603999215453&w=2"
"name" : "MDKSA-2005:160", },
"refsource" : "MANDRAKE", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:160" "name": "16692",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/16692"
"name" : "RHSA-2006:0582", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0582.html" "name": "oval:org.mitre.oval:def:9388",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9388"
"name" : "USN-176-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-176-1" "name": "USN-176-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-176-1"
"name" : "14736", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14736" "name": "18139",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18139"
"name" : "oval:org.mitre.oval:def:9388", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9388" "name": "21481",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21481"
"name" : "16692", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16692" "name": "DSA-815",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2005/dsa-815"
"name" : "18139", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18139" "name": "http://www.kde.org/info/security/advisory-20050905-1.txt",
}, "refsource": "CONFIRM",
{ "url": "http://www.kde.org/info/security/advisory-20050905-1.txt"
"name" : "21481", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21481" "name": "RHSA-2006:0582",
} "refsource": "REDHAT",
] "url": "http://www.redhat.com/support/errata/RHSA-2006-0582.html"
} },
} {
"name": "20050907 [ Suresec Advisories ] - Kcheckpass file creation vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112611555928169&w=2"
},
{
"name": "http://www.suresec.org/advisories/adv6.pdf",
"refsource": "MISC",
"url": "http://www.suresec.org/advisories/adv6.pdf"
},
{
"name": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.2-kdebase-kcheckpass.diff",
"refsource": "MISC",
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.2-kdebase-kcheckpass.diff"
},
{
"name": "14736",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14736"
}
]
}
}

170
2005/2xxx/CVE-2005-2773.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2773", "ID": "CVE-2005-2773",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050825 Portcullis Security Advisory 05-014 HP Openview Remote Command", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112499121725662&w=2" "lang": "eng",
}, "value": "HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl."
{ }
"name" : "HPSBMA01224", ]
"refsource" : "HP", },
"url" : "http://www.securityfocus.com/advisories/9150" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SSRT051023", "description": [
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/advisories/9150" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "14662", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/14662" ]
}, },
{ "references": {
"name" : "16555", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16555/" "name": "20050825 Portcullis Security Advisory 05-014 HP Openview Remote Command",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=112499121725662&w=2"
"name" : "hp-openview-node-manager-command-execution(21999)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21999" "name": "hp-openview-node-manager-command-execution(21999)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21999"
} },
} {
"name": "HPSBMA01224",
"refsource": "HP",
"url": "http://www.securityfocus.com/advisories/9150"
},
{
"name": "14662",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14662"
},
{
"name": "16555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16555/"
},
{
"name": "SSRT051023",
"refsource": "HP",
"url": "http://www.securityfocus.com/advisories/9150"
}
]
}
}

34
2007/1xxx/CVE-2007-1200.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1200", "ID": "CVE-2007-1200",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2007/1xxx/CVE-2007-1278.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1278", "ID": "CVE-2007-1278",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 Updater 6, and ColdFusion MX 6.1 and 7.0 Enterprise, when using Microsoft IIS 6, allows remote attackers to cause a denial of service via unspecified vectors, involving the request of a file in the JRun web root."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb07-07.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb07-07.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 Updater 6, and ColdFusion MX 6.1 and 7.0 Enterprise, when using Microsoft IIS 6, allows remote attackers to cause a denial of service via unspecified vectors, involving the request of a file in the JRun web root."
{ }
"name" : "22958", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22958" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0932", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0932" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "34039", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/34039" ]
}, },
{ "references": {
"name" : "1017752", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017752" "name": "1017752",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1017752"
"name" : "24488", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24488" "name": "34039",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/34039"
"name" : "coldfusion-jrun-iisconnector-dos(32994)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32994" "name": "http://www.adobe.com/support/security/bulletins/apsb07-07.html",
} "refsource": "CONFIRM",
] "url": "http://www.adobe.com/support/security/bulletins/apsb07-07.html"
} },
} {
"name": "24488",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24488"
},
{
"name": "ADV-2007-0932",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0932"
},
{
"name": "coldfusion-jrun-iisconnector-dos(32994)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32994"
},
{
"name": "22958",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22958"
}
]
}
}

140
2007/1xxx/CVE-2007-1379.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1379", "ID": "CVE-2007-1379",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ovrimos_close function in the Ovrimos extension for PHP before 4.4.5 can trigger efree of an arbitrary address, which might allow context-dependent attackers to execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.php-security.org/MOPB/MOPB-13-2007.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.php-security.org/MOPB/MOPB-13-2007.html" "lang": "eng",
}, "value": "The ovrimos_close function in the Ovrimos extension for PHP before 4.4.5 can trigger efree of an arbitrary address, which might allow context-dependent attackers to execute arbitrary code."
{ }
"name" : "22833", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22833" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "34691", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/34691" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.php-security.org/MOPB/MOPB-13-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-13-2007.html"
},
{
"name": "22833",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22833"
},
{
"name": "34691",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34691"
}
]
}
}

490
2007/5xxx/CVE-2007-5273.json
View File

@ -1,247 +1,247 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5273", "ID": "CVE-2007-5273",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound connections via a multi-pin DNS rebinding attack in which the applet download relies on DNS resolution on the proxy server, but the applet's socket operations rely on DNS resolution on the local machine, a different issue than CVE-2007-5274. NOTE: this is similar to CVE-2007-5232."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071029 FLEA-2007-0061-1 sun-jre sun-jdk", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/482926/100/0/threaded" "lang": "eng",
}, "value": "Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used, allows remote attackers to violate the security model for an applet's outbound connections via a multi-pin DNS rebinding attack in which the applet download relies on DNS resolution on the proxy server, but the applet's socket operations rely on DNS resolution on the local machine, a different issue than CVE-2007-5274. NOTE: this is similar to CVE-2007-5232."
{ }
"name" : "20070709 Anti-DNS Pinning and Java Applets", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2007/Jul/0159.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://crypto.stanford.edu/dns/dns-rebinding.pdf", "description": [
"refsource" : "MISC", {
"url" : "http://crypto.stanford.edu/dns/dns-rebinding.pdf" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html", ]
"refsource" : "CONFIRM", }
"url" : "http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html" ]
}, },
{ "references": {
"name" : "BEA08-198.00", "reference_data": [
"refsource" : "BEA", {
"url" : "http://dev2dev.bea.com/pub/advisory/272" "name": "RHSA-2008:0132",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-0132.html"
"name" : "GLSA-200804-20", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml" "name": "RHSA-2007:1041",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-1041.html"
"name" : "GLSA-200804-28", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200804-28.xml" "name": "ADV-2007-3895",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3895"
"name" : "GLSA-200806-11", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml" "name": "29042",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29042"
"name" : "HPSBUX02284", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533" "name": "http://crypto.stanford.edu/dns/dns-rebinding.pdf",
}, "refsource": "MISC",
{ "url": "http://crypto.stanford.edu/dns/dns-rebinding.pdf"
"name" : "SSRT071483", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533" "name": "27693",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27693"
"name" : "RHSA-2007:0963", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0963.html" "name": "http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html",
}, "refsource": "CONFIRM",
{ "url": "http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html"
"name" : "RHSA-2007:1041", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1041.html" "name": "1018771",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1018771"
"name" : "RHSA-2008:0132", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0132.html" "name": "SUSE-SA:2007:055",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_55_java.html"
"name" : "RHSA-2008:0156", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0156.html" "name": "20070709 Anti-DNS Pinning and Java Applets",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2007/Jul/0159.html"
"name" : "RHSA-2008:0100", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0100.html" "name": "29897",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29897"
"name" : "103078", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103078-1" "name": "27206",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27206"
"name" : "200041", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200041-1" "name": "27804",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27804"
"name" : "SUSE-SA:2007:055", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_55_java.html" "name": "GLSA-200804-28",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
"name" : "SUSE-SA:2008:025", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html" "name": "HPSBUX02284",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533"
"name" : "25918", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25918" "name": "29858",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29858"
"name" : "oval:org.mitre.oval:def:10340", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10340" "name": "45527",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/45527"
"name" : "ADV-2007-3895", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3895" "name": "RHSA-2007:0963",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0963.html"
"name" : "ADV-2008-0609", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0609" "name": "25918",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25918"
"name" : "45527", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/45527" "name": "RHSA-2008:0100",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-0100.html"
"name" : "1018771", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018771" "name": "ADV-2008-0609",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0609"
"name" : "27206", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27206" "name": "200041",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200041-1"
"name" : "27261", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27261" "name": "SUSE-SA:2008:025",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html"
"name" : "27716", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27716" "name": "27261",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27261"
"name" : "27693", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27693" "name": "103078",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103078-1"
"name" : "27804", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27804" "name": "SSRT071483",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533"
"name" : "28777", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28777" "name": "20071029 FLEA-2007-0061-1 sun-jre sun-jdk",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/482926/100/0/threaded"
"name" : "28880", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28880" "name": "28777",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28777"
"name" : "29042", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29042" "name": "RHSA-2008:0156",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-0156.html"
"name" : "29214", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29214" "name": "BEA08-198.00",
}, "refsource": "BEA",
{ "url": "http://dev2dev.bea.com/pub/advisory/272"
"name" : "29340", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29340" "name": "30780",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30780"
"name" : "29858", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29858" "name": "28880",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28880"
"name" : "29897", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29897" "name": "27716",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27716"
"name" : "30780", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30780" "name": "29214",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/29214"
} },
} {
"name": "29340",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29340"
},
{
"name": "oval:org.mitre.oval:def:10340",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10340"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
}
]
}
}

150
2007/5xxx/CVE-2007-5292.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5292", "ID": "CVE-2007-5292",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in photos.cfm in Directory Image Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the backwardDirectory parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels-team.blogspot.com/2007/10/directory-image-gallery-xss-vuln.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels-team.blogspot.com/2007/10/directory-image-gallery-xss-vuln.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in photos.cfm in Directory Image Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the backwardDirectory parameter."
{ }
"name" : "ADV-2007-3425", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2007/3425" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "38629", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38629" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "directoryimage-photos-xss(36986)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36986" ]
} },
] "references": {
} "reference_data": [
} {
"name": "38629",
"refsource": "OSVDB",
"url": "http://osvdb.org/38629"
},
{
"name": "directoryimage-photos-xss(36986)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36986"
},
{
"name": "http://pridels-team.blogspot.com/2007/10/directory-image-gallery-xss-vuln.html",
"refsource": "MISC",
"url": "http://pridels-team.blogspot.com/2007/10/directory-image-gallery-xss-vuln.html"
},
{
"name": "ADV-2007-3425",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3425"
}
]
}
}

200
2007/5xxx/CVE-2007-5518.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5518", "ID": "CVE-2007-5518",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle HTTP Server component in Oracle Application Server 10.1.3.2 has unknown impact and remote attack vectors, aka AS03."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle HTTP Server component in Oracle Application Server 10.1.3.2 has unknown impact and remote attack vectors, aka AS03."
{ }
"name" : "HPSBMA02133", ]
"refsource" : "HP", },
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SSRT061201", "description": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "TA07-290A", ]
"refsource" : "CERT", }
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" ]
}, },
{ "references": {
"name" : "ADV-2007-3524", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3524" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html"
"name" : "ADV-2007-3626", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3626" "name": "ADV-2007-3524",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3524"
"name" : "1018823", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018823" "name": "ADV-2007-3626",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3626"
"name" : "27251", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27251" "name": "TA07-290A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-290A.html"
"name" : "27409", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27409" "name": "SSRT061201",
} "refsource": "HP",
] "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
} },
} {
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
},
{
"name": "1018823",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018823"
},
{
"name": "27409",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27409"
},
{
"name": "27251",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27251"
}
]
}
}

120
2015/3xxx/CVE-2015-3869.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2015-3869", "ID": "CVE-2015-3869",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23036083."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[android-security-updates] 20151005 Nexus Security Bulletin (October 2015)", "description_data": [
"refsource" : "MLIST", {
"url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/_Rm-lKnS2M8/dGTcilt0CAAJ" "lang": "eng",
} "value": "libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23036083."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[android-security-updates] 20151005 Nexus Security Bulletin (October 2015)",
"refsource": "MLIST",
"url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/_Rm-lKnS2M8/dGTcilt0CAAJ"
}
]
}
}

34
2015/4xxx/CVE-2015-4313.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4313", "ID": "CVE-2015-4313",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2015/4xxx/CVE-2015-4350.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4350", "ID": "CVE-2015-4350",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the Spider Catalog module for Drupal allow remote attackers to hijack the authentication of administrators for requests that delete (1) products, (2) ratings, or (3) categories via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/04/25/6" "lang": "eng",
}, "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Spider Catalog module for Drupal allow remote attackers to hijack the authentication of administrators for requests that delete (1) products, (2) ratings, or (3) categories via unspecified vectors."
{ }
"name" : "https://www.drupal.org/node/2437977", ]
"refsource" : "MISC", },
"url" : "https://www.drupal.org/node/2437977" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "72798", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72798" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "72798",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72798"
},
{
"name": "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/04/25/6"
},
{
"name": "https://www.drupal.org/node/2437977",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2437977"
}
]
}
}

120
2015/4xxx/CVE-2015-4774.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4774", "ID": "CVE-2015-4774",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect integrity and availability via unknown vectors, a different vulnerability than CVE-2015-4779 and CVE-2015-4788."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" "lang": "eng",
} "value": "Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect integrity and availability via unknown vectors, a different vulnerability than CVE-2015-4779 and CVE-2015-4788."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
}
]
}
}

210
2015/7xxx/CVE-2015-7100.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-7100", "ID": "CVE-2015-7100",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT205635", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205635" "lang": "eng",
}, "value": "WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103."
{ }
"name" : "https://support.apple.com/HT205639", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT205639" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT205640", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205640" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/kb/HT205636", ]
"refsource" : "CONFIRM", }
"url" : "https://support.apple.com/kb/HT205636" ]
}, },
{ "references": {
"name" : "APPLE-SA-2015-12-08-1", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" "name": "https://support.apple.com/HT205635",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT205635"
"name" : "APPLE-SA-2015-12-08-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" "name": "https://support.apple.com/kb/HT205636",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/kb/HT205636"
"name" : "APPLE-SA-2015-12-08-5", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00003.html" "name": "openSUSE-SU-2016:0761",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html"
"name" : "openSUSE-SU-2016:0761", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html" "name": "APPLE-SA-2015-12-08-5",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00003.html"
"name" : "78726", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/78726" "name": "APPLE-SA-2015-12-08-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html"
"name" : "1034341", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034341" "name": "https://support.apple.com/HT205639",
} "refsource": "CONFIRM",
] "url": "https://support.apple.com/HT205639"
} },
} {
"name": "https://support.apple.com/HT205640",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205640"
},
{
"name": "1034341",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034341"
},
{
"name": "APPLE-SA-2015-12-08-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html"
},
{
"name": "78726",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78726"
}
]
}
}

300
2015/7xxx/CVE-2015-7560.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-7560", "ID": "CVE-2015-7560",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.samba.org/show_bug.cgi?id=11648", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.samba.org/show_bug.cgi?id=11648" "lang": "eng",
}, "value": "The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then using a non-UNIX SMB1 call to write to the ACL content."
{ }
"name" : "https://www.samba.org/samba/security/CVE-2015-7560.html", ]
"refsource" : "CONFIRM", },
"url" : "https://www.samba.org/samba/security/CVE-2015-7560.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05121842", "description": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05121842" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3514", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3514" ]
}, },
{ "references": {
"name" : "FEDORA-2016-4b55f00d00", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180000.html" "name": "84267",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/84267"
"name" : "FEDORA-2016-ed1587f6ba", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178730.html" "name": "openSUSE-SU-2016:1064",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html"
"name" : "FEDORA-2016-cad77a4576", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178764.html" "name": "SUSE-SU-2016:0837",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00081.html"
"name" : "SUSE-SU-2016:0905", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00092.html" "name": "openSUSE-SU-2016:0813",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00063.html"
"name" : "openSUSE-SU-2016:1064", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html" "name": "openSUSE-SU-2016:0877",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00090.html"
"name" : "openSUSE-SU-2016:1106", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05121842",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05121842"
"name" : "openSUSE-SU-2016:1107", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html" "name": "1035220",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1035220"
"name" : "openSUSE-SU-2016:0813", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00063.html" "name": "FEDORA-2016-cad77a4576",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178764.html"
"name" : "SUSE-SU-2016:0814", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00064.html" "name": "SUSE-SU-2016:0814",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00064.html"
"name" : "SUSE-SU-2016:0816", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00065.html" "name": "https://www.samba.org/samba/security/CVE-2015-7560.html",
}, "refsource": "CONFIRM",
{ "url": "https://www.samba.org/samba/security/CVE-2015-7560.html"
"name" : "SUSE-SU-2016:0837", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00081.html" "name": "https://bugzilla.samba.org/show_bug.cgi?id=11648",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.samba.org/show_bug.cgi?id=11648"
"name" : "openSUSE-SU-2016:0877", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00090.html" "name": "openSUSE-SU-2016:1106",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00047.html"
"name" : "USN-2922-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2922-1" "name": "FEDORA-2016-4b55f00d00",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180000.html"
"name" : "84267", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/84267" "name": "FEDORA-2016-ed1587f6ba",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178730.html"
"name" : "1035220", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035220" "name": "openSUSE-SU-2016:1107",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00048.html"
} },
} {
"name": "SUSE-SU-2016:0905",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00092.html"
},
{
"name": "SUSE-SU-2016:0816",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00065.html"
},
{
"name": "USN-2922-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2922-1"
},
{
"name": "DSA-3514",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3514"
}
]
}
}

34
2015/8xxx/CVE-2015-8119.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8119", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8119",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

34
2015/8xxx/CVE-2015-8155.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8155", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8155",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

290
2015/8xxx/CVE-2015-8241.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8241", "ID": "CVE-2015-8241",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20151118 Buffer overflow in libxml2", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/11/17/5" "lang": "eng",
}, "value": "The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data."
{ }
"name" : "[oss-security] 20151118 Re: Buffer overflow in libxml2", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2015/11/18/23" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.gnome.org/show_bug.cgi?id=756263", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.gnome.org/show_bug.cgi?id=756263" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1281936", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1281936" ]
}, },
{ "references": {
"name" : "https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe" "name": "RHSA-2015:2550",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", },
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172" "name": "openSUSE-SU-2016:0106",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" "name": "[oss-security] 20151118 Buffer overflow in libxml2",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/11/17/5"
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" "name": "DSA-3430",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3430"
"name" : "DSA-3430", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3430" "name": "RHSA-2016:1089",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
"name" : "HPSBGN03537", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=145382616617563&w=2" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
"name" : "RHSA-2015:2549", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2549.html" "name": "77621",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/77621"
"name" : "RHSA-2015:2550", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2550.html" "name": "USN-2834-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2834-1"
"name" : "RHSA-2016:1089", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1089.html" "name": "[oss-security] 20151118 Re: Buffer overflow in libxml2",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/11/18/23"
"name" : "openSUSE-SU-2015:2372", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" "name": "https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe",
}, "refsource": "CONFIRM",
{ "url": "https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe"
"name" : "openSUSE-SU-2016:0106", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" "name": "1034243",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1034243"
"name" : "USN-2834-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2834-1" "name": "RHSA-2015:2549",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
"name" : "77621", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77621" "name": "HPSBGN03537",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2"
"name" : "1034243", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034243" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172",
} "refsource": "CONFIRM",
] "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
} },
} {
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "openSUSE-SU-2015:2372",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
},
{
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=756263",
"refsource": "CONFIRM",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=756263"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1281936",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281936"
}
]
}
}

220
2015/8xxx/CVE-2015-8449.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-8449", "ID": "CVE-2015-8449",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the MovieClip object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a crafted lineTo method call, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://zerodayinitiative.com/advisories/ZDI-15-612", "description_data": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-15-612" "lang": "eng",
}, "value": "Use-after-free vulnerability in the MovieClip object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a crafted lineTo method call, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454."
{ }
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "description": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", ]
"refsource" : "CONFIRM", }
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" ]
}, },
{ "references": {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" "name": "openSUSE-SU-2015:2239",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html"
"name" : "GLSA-201601-03", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201601-03" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
"name" : "SUSE-SU-2015:2236", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html",
}, "refsource": "CONFIRM",
{ "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
"name" : "SUSE-SU-2015:2247", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" "name": "78715",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/78715"
"name" : "openSUSE-SU-2015:2239", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" "name": "SUSE-SU-2015:2236",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html"
"name" : "78715", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/78715" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
"name" : "1034318", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034318" "name": "SUSE-SU-2015:2247",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html"
} },
} {
"name": "http://zerodayinitiative.com/advisories/ZDI-15-612",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-15-612"
},
{
"name": "1034318",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034318"
},
{
"name": "GLSA-201601-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201601-03"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
}
]
}
}

132
2015/9xxx/CVE-2015-9207.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2015-9207", "ID": "CVE-2015-9207",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile, Snapdragon Wear", "product_name": "Snapdragon Mobile, Snapdragon Wear",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810" "version_value": "MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, lack of input validation in playready_getadditional_responsedata could lead to a buffer overread."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer overread vulnerability in QTEE"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, lack of input validation in playready_getadditional_responsedata could lead to a buffer overread."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Buffer overread vulnerability in QTEE"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

120
2015/9xxx/CVE-2015-9274.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-9274", "ID": "CVE-2015-9274",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/harfbuzz/harfbuzz/commit/c917965b9e6fe2b21ed6c51559673288fa3af4b7", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/harfbuzz/harfbuzz/commit/c917965b9e6fe2b21ed6c51559673288fa3af4b7" "lang": "eng",
} "value": "HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harfbuzz/harfbuzz/commit/c917965b9e6fe2b21ed6c51559673288fa3af4b7",
"refsource": "MISC",
"url": "https://github.com/harfbuzz/harfbuzz/commit/c917965b9e6fe2b21ed6c51559673288fa3af4b7"
}
]
}
}

140
2016/1xxx/CVE-2016-1121.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-1121", "ID": "CVE-2016-1121",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" "lang": "eng",
}, "value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
{ }
"name" : "90512", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/90512" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1035828", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035828" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}

230
2016/1xxx/CVE-2016-1283.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1283", "ID": "CVE-2016-1283",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\\\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\\){97)?J)?J)(?'R'(?'R'\\){99|(:(?|(?'R')(\\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.exim.org/show_bug.cgi?id=1767", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.exim.org/show_bug.cgi?id=1767" "lang": "eng",
}, "value": "The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\\\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\\){97)?J)?J)(?'R'(?'R'\\){99|(:(?|(?'R')(\\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bto.bluecoat.com/security-advisory/sa128", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bto.bluecoat.com/security-advisory/sa128" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.tenable.com/security/tns-2016-18", ]
"refsource" : "CONFIRM", }
"url" : "https://www.tenable.com/security/tns-2016-18" ]
}, },
{ "references": {
"name" : "https://www.tenable.com/security/tns-2017-14", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.tenable.com/security/tns-2017-14" "name": "RHSA-2016:1132",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1132"
"name" : "FEDORA-2016-65833b5dbc", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178193.html" "name": "https://bugs.exim.org/show_bug.cgi?id=1767",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.exim.org/show_bug.cgi?id=1767"
"name" : "FEDORA-2016-f5af8e27ce", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178955.html" "name": "SSA:2016-172-02",
}, "refsource": "SLACKWARE",
{ "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.343110"
"name" : "GLSA-201607-02", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201607-02" "name": "79825",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/79825"
"name" : "RHSA-2016:1132", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1132" "name": "FEDORA-2016-f5af8e27ce",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178955.html"
"name" : "SSA:2016-172-02", },
"refsource" : "SLACKWARE", {
"url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.343110" "name": "FEDORA-2016-65833b5dbc",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178193.html"
"name" : "79825", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/79825" "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
"name" : "1034555", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034555" "name": "https://www.tenable.com/security/tns-2016-18",
} "refsource": "CONFIRM",
] "url": "https://www.tenable.com/security/tns-2016-18"
} },
} {
"name": "https://www.tenable.com/security/tns-2017-14",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2017-14"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa128",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa128"
},
{
"name": "1034555",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034555"
},
{
"name": "GLSA-201607-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-02"
}
]
}
}

34
2016/1xxx/CVE-2016-1487.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1487", "ID": "CVE-2016-1487",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

210
2016/1xxx/CVE-2016-1841.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-1841", "ID": "CVE-2016-1841",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT206564", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT206564" "lang": "eng",
}, "value": "libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site."
{ }
"name" : "https://support.apple.com/HT206566", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT206566" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT206567", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT206567" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/HT206568", ]
"refsource" : "CONFIRM", }
"url" : "https://support.apple.com/HT206568" ]
}, },
{ "references": {
"name" : "APPLE-SA-2016-05-16-1", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" "name": "https://support.apple.com/HT206567",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT206567"
"name" : "APPLE-SA-2016-05-16-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" "name": "90691",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/90691"
"name" : "APPLE-SA-2016-05-16-3", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" "name": "APPLE-SA-2016-05-16-4",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
"name" : "APPLE-SA-2016-05-16-4", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" "name": "https://support.apple.com/HT206566",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT206566"
"name" : "90691", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/90691" "name": "APPLE-SA-2016-05-16-3",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html"
"name" : "1035890", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035890" "name": "https://support.apple.com/HT206564",
} "refsource": "CONFIRM",
] "url": "https://support.apple.com/HT206564"
} },
} {
"name": "1035890",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035890"
},
{
"name": "APPLE-SA-2016-05-16-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html"
},
{
"name": "https://support.apple.com/HT206568",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206568"
},
{
"name": "APPLE-SA-2016-05-16-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html"
}
]
}
}

130
2016/5xxx/CVE-2016-5021.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5021", "ID": "CVE-2016-5021",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP GTM 11.5.x before 11.5.4 and 11.6.x before 11.6.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 allows remote authenticated administrators to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.f5.com/kb/en-us/solutions/public/k/99/sol99998454/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.f5.com/kb/en-us/solutions/public/k/99/sol99998454/" "lang": "eng",
}, "value": "The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP GTM 11.5.x before 11.5.4 and 11.6.x before 11.6.1; BIG-IQ Cloud and Security 4.0.0 through 4.5.0; BIG-IQ Device 4.2.0 through 4.5.0; BIG-IQ ADC 4.5.0; BIG-IQ Centralized Management 4.6.0; and BIG-IQ Cloud and Orchestration 1.0.0 allows remote authenticated administrators to obtain sensitive information via unspecified vectors."
{ }
"name" : "1036172", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1036172" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/kb/en-us/solutions/public/k/99/sol99998454/",
"refsource": "CONFIRM",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/99/sol99998454/"
},
{
"name": "1036172",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036172"
}
]
}
}

160
2016/5xxx/CVE-2016-5213.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-5213", "ID": "CVE-2016-5213",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android", "product_name": "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android" "version_value": "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "use after free"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html" "lang": "eng",
}, "value": "A use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
{ }
"name" : "https://crbug.com/652548", ]
"refsource" : "CONFIRM", },
"url" : "https://crbug.com/652548" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201612-11", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201612-11" "lang": "eng",
}, "value": "use after free"
{ }
"name" : "RHSA-2016:2919", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2919.html" ]
}, },
{ "references": {
"name" : "94633", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94633" "name": "RHSA-2016:2919",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2016-2919.html"
} },
} {
"name": "94633",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94633"
},
{
"name": "https://crbug.com/652548",
"refsource": "CONFIRM",
"url": "https://crbug.com/652548"
},
{
"name": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html"
},
{
"name": "GLSA-201612-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-11"
}
]
}
}

150
2016/5xxx/CVE-2016-5684.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cert@cert.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2016-5684", "ID": "CVE-2016-5684",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "FreeImage", "product_name": "FreeImage",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.17.0" "version_value": "3.17.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "FreeImage" "vendor_name": "FreeImage"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resulting in code execution. An attacker can provide a malicious image to trigger this vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "out-of-bounds write"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.talosintelligence.com/reports/TALOS-2016-0189/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.talosintelligence.com/reports/TALOS-2016-0189/" "lang": "eng",
}, "value": "An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resulting in code execution. An attacker can provide a malicious image to trigger this vulnerability."
{ }
"name" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", ]
"refsource" : "CONFIRM", },
"url" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201701-68", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-68" "lang": "eng",
}, "value": "out-of-bounds write"
{ }
"name" : "93287", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/93287" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0189/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0189/"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "93287",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93287"
},
{
"name": "GLSA-201701-68",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-68"
}
]
}
}

34
2016/5xxx/CVE-2016-5698.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5698", "ID": "CVE-2016-5698",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2016/5xxx/CVE-2016-5982.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5982", "ID": "CVE-2016-5982",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

212
2018/2xxx/CVE-2018-2364.json
View File

@ -1,108 +1,108 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cna@sap.com", "ASSIGNER": "cna@sap.com",
"ID" : "CVE-2018-2364", "ID": "CVE-2018-2364",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SAP CRM WebClient UI", "product_name": "SAP CRM WebClient UI",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.01" "version_value": "7.01"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.31" "version_value": "7.31"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.46" "version_value": "7.46"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.47" "version_value": "7.47"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.48" "version_value": "7.48"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.00" "version_value": "8.00"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.01" "version_value": "8.01"
} }
] ]
} }
}, },
{ {
"product_name" : "S4FND", "product_name": "S4FND",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "1.02" "version_value": "1.02"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SAP SE" "vendor_name": "SAP SE"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SAP CRM WebClient UI 7.01, 7.31, 7.46, 7.47, 7.48, 8.00, 8.01, S4FND 1.02, does not sufficiently validate and/or encode hidden fields, resulting in Cross-Site Scripting (XSS) vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting (XSS)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" "lang": "eng",
}, "value": "SAP CRM WebClient UI 7.01, 7.31, 7.46, 7.47, 7.48, 8.00, 8.01, S4FND 1.02, does not sufficiently validate and/or encode hidden fields, resulting in Cross-Site Scripting (XSS) vulnerability."
{ }
"name" : "https://launchpad.support.sap.com/#/notes/2541700", ]
"refsource" : "CONFIRM", },
"url" : "https://launchpad.support.sap.com/#/notes/2541700" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "103002", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/103002" "lang": "eng",
} "value": "Cross-Site Scripting (XSS)"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "103002",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103002"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2541700",
"refsource": "CONFIRM",
"url": "https://launchpad.support.sap.com/#/notes/2541700"
},
{
"name": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/",
"refsource": "CONFIRM",
"url": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
}
]
}
}

180
2018/2xxx/CVE-2018-2437.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cna@sap.com", "ASSIGNER": "cna@sap.com",
"ID" : "CVE-2018-2437", "ID": "CVE-2018-2437",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : " SAP Internet Graphics Server (IGS)", "product_name": " SAP Internet Graphics Server (IGS)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_name" : "=", "version_name": "=",
"version_value" : "7.20" "version_value": "7.20"
}, },
{ {
"version_name" : "=", "version_name": "=",
"version_value" : "7.20EXT" "version_value": "7.20EXT"
}, },
{ {
"version_name" : "=", "version_name": "=",
"version_value" : "7.45" "version_value": "7.45"
}, },
{ {
"version_name" : "=", "version_name": "=",
"version_value" : "7.49" "version_value": "7.49"
}, },
{ {
"version_name" : "=", "version_name": "=",
"version_value" : "7.53" "version_value": "7.53"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SAP" "vendor_name": "SAP"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: disclosure of information and malicious file insertion or modification."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Disclosure of information and malicious file insertion or modification."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://launchpad.support.sap.com/#/notes/2644227", "description_data": [
"refsource" : "MISC", {
"url" : "https://launchpad.support.sap.com/#/notes/2644227" "lang": "eng",
}, "value": "The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: disclosure of information and malicious file insertion or modification."
{ }
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000", ]
"refsource" : "CONFIRM", },
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "104705", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/104705" "lang": "eng",
} "value": "Disclosure of information and malicious file insertion or modification."
] }
}, ]
"source" : { }
"discovery" : "UNKNOWN" ]
} },
} "references": {
"reference_data": [
{
"name": "104705",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104705"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2644227",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2644227"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

148
2018/2xxx/CVE-2018-2451.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cna@sap.com", "ASSIGNER": "cna@sap.com",
"ID" : "CVE-2018-2451", "ID": "CVE-2018-2451",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SAP HANA Extended Application Services", "product_name": "SAP HANA Extended Application Services",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_name" : "", "version_name": "",
"version_value" : "1.0" "version_value": "1.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SAP" "vendor_name": "SAP"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "XS Command-Line Interface (CLI) user sessions with the SAP HANA Extended Application Services (XS), version 1, advanced server may have an unintentional prolonged period of validity. Consequently, a platform user could access controller resources via active CLI session even after corresponding authorizations have been revoked meanwhile by an administrator user. Similarly, an attacker who managed to gain access to the platform user's session might misuse the session token even after the session has been closed."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Other"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://launchpad.support.sap.com/#/notes/2590705", "description_data": [
"refsource" : "MISC", {
"url" : "https://launchpad.support.sap.com/#/notes/2590705" "lang": "eng",
}, "value": "XS Command-Line Interface (CLI) user sessions with the SAP HANA Extended Application Services (XS), version 1, advanced server may have an unintentional prolonged period of validity. Consequently, a platform user could access controller resources via active CLI session even after corresponding authorizations have been revoked meanwhile by an administrator user. Similarly, an attacker who managed to gain access to the platform user's session might misuse the session token even after the session has been closed."
{ }
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742", ]
"refsource" : "CONFIRM", },
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "105091", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/105091" "lang": "eng",
} "value": "Other"
] }
}, ]
"source" : { }
"discovery" : "UNKNOWN" ]
} },
} "references": {
"reference_data": [
{
"name": "105091",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105091"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2590705",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2590705"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

34
2018/2xxx/CVE-2018-2517.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-2517", "ID": "CVE-2018-2517",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

214
2018/2xxx/CVE-2018-2747.json
View File

@ -1,109 +1,109 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2747", "ID": "CVE-2018-2747",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "FLEXCUBE Universal Banking", "product_name": "FLEXCUBE Universal Banking",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "11.3.0" "version_value": "11.3.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "11.4.0" "version_value": "11.4.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.0.1" "version_value": "12.0.1"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.0.2" "version_value": "12.0.2"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.0.3" "version_value": "12.0.3"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.1.0" "version_value": "12.1.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.0" "version_value": "12.2.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.3.0" "version_value": "12.3.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.4.0" "version_value": "12.4.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "14.0.0" "version_value": "14.0.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0 and 14.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Corporate Lending accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Corporate Lending accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0 and 14.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Corporate Lending accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)."
{ }
"name" : "103844", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103844" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040693", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040693" "lang": "eng",
} "value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Corporate Lending accessible data."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1040693",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040693"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "103844",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103844"
}
]
}
}

34
2019/0xxx/CVE-2019-0133.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0133", "ID": "CVE-2019-0133",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0215.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0215", "ID": "CVE-2019-0215",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

366
2019/0xxx/CVE-2019-0602.json
View File

@ -1,185 +1,185 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2019-0602", "ID": "CVE-2019-0602",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows", "product_name": "Windows",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7 for 32-bit Systems Service Pack 1" "version_value": "7 for 32-bit Systems Service Pack 1"
}, },
{ {
"version_value" : "7 for x64-based Systems Service Pack 1" "version_value": "7 for x64-based Systems Service Pack 1"
}, },
{ {
"version_value" : "8.1 for 32-bit systems" "version_value": "8.1 for 32-bit systems"
}, },
{ {
"version_value" : "8.1 for x64-based systems" "version_value": "8.1 for x64-based systems"
}, },
{ {
"version_value" : "RT 8.1" "version_value": "RT 8.1"
}, },
{ {
"version_value" : "10 for 32-bit Systems" "version_value": "10 for 32-bit Systems"
}, },
{ {
"version_value" : "10 for x64-based Systems" "version_value": "10 for x64-based Systems"
}, },
{ {
"version_value" : "10 Version 1607 for 32-bit Systems" "version_value": "10 Version 1607 for 32-bit Systems"
}, },
{ {
"version_value" : "10 Version 1607 for x64-based Systems" "version_value": "10 Version 1607 for x64-based Systems"
}, },
{ {
"version_value" : "10 Version 1703 for 32-bit Systems" "version_value": "10 Version 1703 for 32-bit Systems"
}, },
{ {
"version_value" : "10 Version 1703 for x64-based Systems" "version_value": "10 Version 1703 for x64-based Systems"
}, },
{ {
"version_value" : "10 Version 1709 for 32-bit Systems" "version_value": "10 Version 1709 for 32-bit Systems"
}, },
{ {
"version_value" : "10 Version 1709 for x64-based Systems" "version_value": "10 Version 1709 for x64-based Systems"
}, },
{ {
"version_value" : "10 Version 1803 for 32-bit Systems" "version_value": "10 Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "10 Version 1803 for x64-based Systems" "version_value": "10 Version 1803 for x64-based Systems"
}, },
{ {
"version_value" : "10 Version 1803 for ARM64-based Systems" "version_value": "10 Version 1803 for ARM64-based Systems"
}, },
{ {
"version_value" : "10 Version 1809 for 32-bit Systems" "version_value": "10 Version 1809 for 32-bit Systems"
}, },
{ {
"version_value" : "10 Version 1809 for x64-based Systems" "version_value": "10 Version 1809 for x64-based Systems"
}, },
{ {
"version_value" : "10 Version 1809 for ARM64-based Systems" "version_value": "10 Version 1809 for ARM64-based Systems"
}, },
{ {
"version_value" : "10 Version 1709 for ARM64-based Systems" "version_value": "10 Version 1709 for ARM64-based Systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server", "product_name": "Windows Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
}, },
{ {
"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1"
}, },
{ {
"version_value" : "2008 R2 for x64-based Systems Service Pack 1" "version_value": "2008 R2 for x64-based Systems Service Pack 1"
}, },
{ {
"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
}, },
{ {
"version_value" : "2012" "version_value": "2012"
}, },
{ {
"version_value" : "2012 (Core installation)" "version_value": "2012 (Core installation)"
}, },
{ {
"version_value" : "2012 R2" "version_value": "2012 R2"
}, },
{ {
"version_value" : "2012 R2 (Core installation)" "version_value": "2012 R2 (Core installation)"
}, },
{ {
"version_value" : "2016" "version_value": "2016"
}, },
{ {
"version_value" : "2016 (Core installation)" "version_value": "2016 (Core installation)"
}, },
{ {
"version_value" : "version 1709 (Core Installation)" "version_value": "version 1709 (Core Installation)"
}, },
{ {
"version_value" : "version 1803 (Core Installation)" "version_value": "version 1803 (Core Installation)"
}, },
{ {
"version_value" : "2019" "version_value": "2019"
}, },
{ {
"version_value" : "2019 (Core installation)" "version_value": "2019 (Core installation)"
}, },
{ {
"version_value" : "2008 for Itanium-Based Systems Service Pack 2" "version_value": "2008 for Itanium-Based Systems Service Pack 2"
}, },
{ {
"version_value" : "2008 for 32-bit Systems Service Pack 2" "version_value": "2008 for 32-bit Systems Service Pack 2"
}, },
{ {
"version_value" : "2008 for x64-based Systems Service Pack 2" "version_value": "2008 for x64-based Systems Service Pack 2"
}, },
{ {
"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660, CVE-2019-0664."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0602", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0602" "lang": "eng",
}, "value": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660, CVE-2019-0664."
{ }
"name" : "106858", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106858" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106858",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106858"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0602",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0602"
}
]
}
}

130
2019/0xxx/CVE-2019-0729.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2019-0729", "ID": "CVE-2019-0729",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Java SDK for Azure IoT", "product_name": "Java SDK for Azure IoT",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "" "version_value": ""
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of Privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0729", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0729" "lang": "eng",
}, "value": "An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'."
{ }
"name" : "106966", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106966" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0729",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0729"
},
{
"name": "106966",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106966"
}
]
}
}

34
2019/1xxx/CVE-2019-1056.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1056", "ID": "CVE-2019-1056",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1272.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1272", "ID": "CVE-2019-1272",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1908.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1908", "ID": "CVE-2019-1908",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1948.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1948", "ID": "CVE-2019-1948",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4146.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4146", "ID": "CVE-2019-4146",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4265.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4265", "ID": "CVE-2019-4265",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4709.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4709", "ID": "CVE-2019-4709",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4797.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4797", "ID": "CVE-2019-4797",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5113.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5113", "ID": "CVE-2019-5113",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5367.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5367", "ID": "CVE-2019-5367",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5526.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5526", "ID": "CVE-2019-5526",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5676.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5676", "ID": "CVE-2019-5676",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }