admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:23:35 +00:00
parent 21f92c3b8e
commit b7b4f529ce
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
67 changed files with 4697 additions and 4697 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

120
1999/0xxx/CVE-1999-0065.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0065", "ID": "CVE-1999-0065",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "00181", "description_data": [
"refsource" : "SUN", {
"url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/181" "lang": "eng",
} "value": "Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "00181",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/181"
}
]
}
}

34
1999/0xxx/CVE-1999-0620.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-1999-0620", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-1999-0620",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: \"A component service related to NIS is running.\"" "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: \"A component service related to NIS is running.\""
} }
] ]
} }
} }

120
1999/0xxx/CVE-1999-0852.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0852", "ID": "CVE-1999-0852",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere sets permissions that allow a local user to modify a deinstallation script or its data files stored in /usr/bin."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "844", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/844" "lang": "eng",
} "value": "IBM WebSphere sets permissions that allow a local user to modify a deinstallation script or its data files stored in /usr/bin."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "844",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/844"
}
]
}
}

130
1999/1xxx/CVE-1999-1086.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1086", "ID": "CVE-1999-1086",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19990715 NMRC Advisory: Netware 5 Client Hijacking", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=93214475111651&w=2" "lang": "eng",
}, "value": "Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls."
{ }
"name" : "528", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/528" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "528",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/528"
},
{
"name": "19990715 NMRC Advisory: Netware 5 Client Hijacking",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=93214475111651&w=2"
}
]
}
}

150
1999/1xxx/CVE-1999-1407.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1407", "ID": "CVE-1999-1407",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19980309 *sigh* another RH5 /tmp problem", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=88950856416985&w=2" "lang": "eng",
}, "value": "ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file."
{ }
"name" : "368", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/368" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "initscripts-ifdhcpdone-dhcplog-symlink(7294)", "description": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/7294.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.redhat.com/support/errata/rh50-errata-general.html#initscripts", ]
"refsource" : "CONFIRM", }
"url" : "http://www.redhat.com/support/errata/rh50-errata-general.html#initscripts" ]
} },
] "references": {
} "reference_data": [
} {
"name": "initscripts-ifdhcpdone-dhcplog-symlink(7294)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7294.php"
},
{
"name": "http://www.redhat.com/support/errata/rh50-errata-general.html#initscripts",
"refsource": "CONFIRM",
"url": "http://www.redhat.com/support/errata/rh50-errata-general.html#initscripts"
},
{
"name": "19980309 *sigh* another RH5 /tmp problem",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=88950856416985&w=2"
},
{
"name": "368",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/368"
}
]
}
}

140
1999/1xxx/CVE-1999-1421.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1421", "ID": "CVE-1999-1421",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, which have default names."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19980720 N-Base Vulnerability Advisory", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=90221104526016&w=2" "lang": "eng",
}, "value": "NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, which have default names."
{ }
"name" : "19980722 N-Base Vulnerability Advisory Followup", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=90221104526065&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "212", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/212" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "19980722 N-Base Vulnerability Advisory Followup",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=90221104526065&w=2"
},
{
"name": "212",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/212"
},
{
"name": "19980720 N-Base Vulnerability Advisory",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=90221104526016&w=2"
}
]
}
}

150
2000/0xxx/CVE-2000-0060.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0060", "ID": "CVE-2000-0060",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers to cause a denial of service via a long user name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19991227 Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt", "description_data": [
"refsource" : "NTBUGTRAQ", {
"url" : "http://marc.info/?l=ntbugtraq&m=94647711311057&w=2" "lang": "eng",
}, "value": "Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers to cause a denial of service via a long user name."
{ }
"name" : "19991227 Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=94633851427858&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "894", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/894" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "avirt-rover-pop3-dos(3765)", ]
"refsource" : "XF", }
"url" : "http://www.iss.net/security_center/static/3765.php" ]
} },
] "references": {
} "reference_data": [
} {
"name": "19991227 Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=94647711311057&w=2"
},
{
"name": "19991227 Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=94633851427858&w=2"
},
{
"name": "894",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/894"
},
{
"name": "avirt-rover-pop3-dos(3765)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/3765.php"
}
]
}
}

130
2000/0xxx/CVE-2000-0146.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0146", "ID": "CVE-2000-0146",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Java Server in the Novell GroupWise Web Access Enhancement Pack allows remote attackers to cause a denial of service via a long URL to the servlet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000207 Novell GroupWise 5.5 Enhancement Pack Web Access Denial of Servic e", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-02/0049.html" "lang": "eng",
}, "value": "The Java Server in the Novell GroupWise Web Access Enhancement Pack allows remote attackers to cause a denial of service via a long URL to the servlet."
{ }
"name" : "972", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/972" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "972",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/972"
},
{
"name": "20000207 Novell GroupWise 5.5 Enhancement Pack Web Access Denial of Servic e",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-02/0049.html"
}
]
}
}

130
2000/0xxx/CVE-2000-0283.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0283", "ID": "CVE-2000-0283",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000412 Performance Copilot for IRIX 6.5", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-04/0056.html" "lang": "eng",
}, "value": "The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon."
{ }
"name" : "1106", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1106" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000412 Performance Copilot for IRIX 6.5",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0056.html"
},
{
"name": "1106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1106"
}
]
}
}

160
2000/0xxx/CVE-2000-0530.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0530", "ID": "CVE-2000-0530",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000531 KDE::KApplication feature?", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html" "lang": "eng",
}, "value": "The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files."
{ }
"name" : "CSSA-2000-015.0", ]
"refsource" : "CALDERA", },
"url" : "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2000:032", "description": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2000-032.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1291", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/1291" ]
}, },
{ "references": {
"name" : "kde-configuration-file-creation(4583)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4583" "name": "20000531 KDE::KApplication feature?",
} "refsource": "BUGTRAQ",
] "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html"
} },
} {
"name": "kde-configuration-file-creation(4583)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4583"
},
{
"name": "CSSA-2000-015.0",
"refsource": "CALDERA",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt"
},
{
"name": "1291",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1291"
},
{
"name": "RHSA-2000:032",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-032.html"
}
]
}
}

210
2000/0xxx/CVE-2000-0676.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0676", "ID": "CVE-2000-0676",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the \"file\", \"http\", \"https\", and \"ftp\" protocols, as demonstrated by Brown Orifice."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000804 Dangerous Java/Netscape Security Hole", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html" "lang": "eng",
}, "value": "Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the \"file\", \"http\", \"https\", and \"ftp\" protocols, as demonstrated by Brown Orifice."
{ }
"name" : "RHSA-2000:054", ]
"refsource" : "REDHAT", },
"url" : "http://www.redhat.com/support/errata/RHSA-2000-054.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "CSSA-2000-027.1", "description": [
"refsource" : "CALDERA", {
"url" : "http://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FreeBSD-SA-00:39", ]
"refsource" : "FREEBSD", }
"url" : "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc" ]
}, },
{ "references": {
"name" : "20000823 Security Hole in Netscape, Versions 4.x, possibly others", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html" "name": "20000804 Dangerous Java/Netscape Security Hole",
}, "refsource": "BUGTRAQ",
{ "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html"
"name" : "20000810 MDKSA-2000:033 Netscape Java vulnerability", },
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html" "name": "1546",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/1546"
"name" : "20000821 MDKSA-2000:036 - netscape update", },
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0265.html" "name": "FreeBSD-SA-00:39",
}, "refsource": "FREEBSD",
{ "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
"name" : "20000818 Conectiva Linux Security Announcement - netscape", },
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0236.html" "name": "20000810 MDKSA-2000:033 Netscape Java vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html"
"name" : "CA-2000-15", },
"refsource" : "CERT", {
"url" : "http://www.cert.org/advisories/CA-2000-15.html" "name": "20000823 Security Hole in Netscape, Versions 4.x, possibly others",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
"name" : "1546", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1546" "name": "20000818 Conectiva Linux Security Announcement - netscape",
} "refsource": "BUGTRAQ",
] "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0236.html"
} },
} {
"name": "CSSA-2000-027.1",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt"
},
{
"name": "20000821 MDKSA-2000:036 - netscape update",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0265.html"
},
{
"name": "CA-2000-15",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"name": "RHSA-2000:054",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-054.html"
}
]
}
}

140
2000/0xxx/CVE-2000-0911.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0911", "ID": "CVE-2000-0911",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IMP 2.2 and earlier allows attackers to read and delete arbitrary files by modifying the attachment_name hidden form variable, which causes IMP to send the file to the attacker as an attachment."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000912 (SRADV00003) Arbitrary file disclosure through IMP", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/82088" "lang": "eng",
}, "value": "IMP 2.2 and earlier allows attackers to read and delete arbitrary files by modifying the attachment_name hidden form variable, which causes IMP to send the file to the attacker as an attachment."
{ }
"name" : "1679", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1679" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "imp-attach-file(5227)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5227" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20000912 (SRADV00003) Arbitrary file disclosure through IMP",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/82088"
},
{
"name": "1679",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1679"
},
{
"name": "imp-attach-file(5227)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5227"
}
]
}
}

120
2000/0xxx/CVE-2000-0999.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0999", "ID": "CVE-2000-0999",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch", "description_data": [
"refsource" : "MISC", {
"url" : "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch" "lang": "eng",
} "value": "Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch",
"refsource": "MISC",
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch"
}
]
}
}

130
2000/1xxx/CVE-2000-1110.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-1110", "ID": "CVE-2000-1110",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20001128 IBM Net.Data Local Path Disclosure Vulnerability?", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-11/0384.html" "lang": "eng",
}, "value": "document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program."
{ }
"name" : "2017", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/2017" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2017"
},
{
"name": "20001128 IBM Net.Data Local Path Disclosure Vulnerability?",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0384.html"
}
]
}
}

230
2007/1xxx/CVE-2007-1084.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1084", "ID": "CVE-2007-1084",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox 2.0.0.1 and earlier does not prompt users before saving bookmarklets, which allows remote attackers to bypass the same-domain policy by tricking a user into saving a bookmarklet with a data: scheme, which is executed in the context of the last visited web page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070221 Firefox bookmark cross-domain surfing vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/460885/100/0/threaded" "lang": "eng",
}, "value": "Mozilla Firefox 2.0.0.1 and earlier does not prompt users before saving bookmarklets, which allows remote attackers to bypass the same-domain policy by tricking a user into saving a bookmarklet with a data: scheme, which is executed in the context of the last visited web page."
{ }
"name" : "20070221 Re: [Full-disclosure] Firefox bookmark cross-domain surfing vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/460890/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070221 Re: [Full-disclosure] Firefox bookmark cross-domain surfing vulnerability", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/460896/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20070223 Re: [Full-disclosure] Firefox bookmark cross-domain surfingvulnerability", ]
"refsource" : "BUGTRAQ", }
"url" : "http://www.securityfocus.com/archive/1/461021/100/0/threaded" ]
}, },
{ "references": {
"name" : "20070221 Firefox bookmark cross-domain surfing vulnerability", "reference_data": [
"refsource" : "FULLDISC", {
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0490.html" "name": "20070223 Re: [Full-disclosure] Firefox bookmark cross-domain surfingvulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/461021/100/0/threaded"
"name" : "http://lcamtuf.coredump.cx/ffbook", },
"refsource" : "MISC", {
"url" : "http://lcamtuf.coredump.cx/ffbook" "name": "20070221 Re: [Full-disclosure] Firefox bookmark cross-domain surfing vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/460896/100/0/threaded"
"name" : "http://lcamtuf.coredump.cx/ffbook/", },
"refsource" : "MISC", {
"url" : "http://lcamtuf.coredump.cx/ffbook/" "name": "33803",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/33803"
"name" : "http://www.heise-security.co.uk/news/85728", },
"refsource" : "MISC", {
"url" : "http://www.heise-security.co.uk/news/85728" "name": "http://lcamtuf.coredump.cx/ffbook",
}, "refsource": "MISC",
{ "url": "http://lcamtuf.coredump.cx/ffbook"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=371179", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=371179" "name": "20070221 Re: [Full-disclosure] Firefox bookmark cross-domain surfing vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/460890/100/0/threaded"
"name" : "22666", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22666" "name": "2304",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2304"
"name" : "33803", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33803" "name": "20070221 Firefox bookmark cross-domain surfing vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/460885/100/0/threaded"
"name" : "2304", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2304" "name": "http://lcamtuf.coredump.cx/ffbook/",
} "refsource": "MISC",
] "url": "http://lcamtuf.coredump.cx/ffbook/"
} },
} {
"name": "http://www.heise-security.co.uk/news/85728",
"refsource": "MISC",
"url": "http://www.heise-security.co.uk/news/85728"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=371179",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=371179"
},
{
"name": "22666",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22666"
},
{
"name": "20070221 Firefox bookmark cross-domain surfing vulnerability",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0490.html"
}
]
}
}

160
2007/1xxx/CVE-2007-1136.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1136", "ID": "CVE-2007-1136",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "index.php in WebMplayer before 0.6.1-Alpha allows remote attackers to execute arbitrary code via shell metacharacters in an exec function call. NOTE: some sources have referred to this as eval injection in the param parameter, but CVE source inspection suggests that this is erroneous."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=486880&group_id=172354", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=486880&group_id=172354" "lang": "eng",
}, "value": "index.php in WebMplayer before 0.6.1-Alpha allows remote attackers to execute arbitrary code via shell metacharacters in an exec function call. NOTE: some sources have referred to this as eval injection in the param parameter, but CVE source inspection suggests that this is erroneous."
{ }
"name" : "20070227 WebMplayer \"eval injection\" is actually OS command injection", ]
"refsource" : "VIM", },
"url" : "http://attrition.org/pipermail/vim/2007-February/001399.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "22726", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22726" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-0742", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/0742" ]
}, },
{ "references": {
"name" : "34441", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34441" "name": "http://sourceforge.net/project/shownotes.php?release_id=486880&group_id=172354",
} "refsource": "CONFIRM",
] "url": "http://sourceforge.net/project/shownotes.php?release_id=486880&group_id=172354"
} },
} {
"name": "22726",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22726"
},
{
"name": "20070227 WebMplayer \"eval injection\" is actually OS command injection",
"refsource": "VIM",
"url": "http://attrition.org/pipermail/vim/2007-February/001399.html"
},
{
"name": "34441",
"refsource": "OSVDB",
"url": "http://osvdb.org/34441"
},
{
"name": "ADV-2007-0742",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0742"
}
]
}
}

150
2007/1xxx/CVE-2007-1719.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1719", "ID": "CVE-2007-1719",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD, and possibly other versions, allows local users to execute arbitrary code via a long command line argument, possibly involving the device name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3578", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3578" "lang": "eng",
}, "value": "Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD, and possibly other versions, allows local users to execute arbitrary code via a long command line argument, possibly involving the device name."
{ }
"name" : "ADV-2007-1125", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2007/1125" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "24641", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24641" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "bsd-mcweject-bo(33212)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33212" ]
} },
] "references": {
} "reference_data": [
} {
"name": "3578",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3578"
},
{
"name": "ADV-2007-1125",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1125"
},
{
"name": "bsd-mcweject-bo(33212)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33212"
},
{
"name": "24641",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24641"
}
]
}
}

130
2007/5xxx/CVE-2007-5124.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5124", "ID": "CVE-2007-5124",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The embedded Internet Explorer server control in AOL Instant Messenger (AIM) 6.5.3.12 and earlier allows remote attackers to execute arbitrary code via unspecified web script or HTML in an instant message, related to AIM's filtering of \"specific tags and attributes\" and the lack of Local Machine Zone lockdown. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-4901."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070925 RE: CORE-2007-0817: Remote Command execution, HTML and JavaScript injection vulnerabilities in AOL's Instant Messaging software", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/480647/100/0/threaded" "lang": "eng",
}, "value": "The embedded Internet Explorer server control in AOL Instant Messenger (AIM) 6.5.3.12 and earlier allows remote attackers to execute arbitrary code via unspecified web script or HTML in an instant message, related to AIM's filtering of \"specific tags and attributes\" and the lack of Local Machine Zone lockdown. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-4901."
{ }
"name" : "http://aviv.raffon.net/2007/09/25/ReadyAIMFire.aspx", ]
"refsource" : "MISC", },
"url" : "http://aviv.raffon.net/2007/09/25/ReadyAIMFire.aspx" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://aviv.raffon.net/2007/09/25/ReadyAIMFire.aspx",
"refsource": "MISC",
"url": "http://aviv.raffon.net/2007/09/25/ReadyAIMFire.aspx"
},
{
"name": "20070925 RE: CORE-2007-0817: Remote Command execution, HTML and JavaScript injection vulnerabilities in AOL's Instant Messaging software",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480647/100/0/threaded"
}
]
}
}

870
2007/5xxx/CVE-2007-5135.json
View File

@ -1,437 +1,437 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5135", "ID": "CVE-2007-5135",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070927 OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/480855/100/0/threaded" "lang": "eng",
}, "value": "Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible."
{ }
"name" : "20071004 Re: OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/481506/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20071003 FLEA-2007-0058-1 openssl openssl-scripts", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/481488/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20071001 Re: OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow", ]
"refsource" : "BUGTRAQ", }
"url" : "http://www.securityfocus.com/archive/1/481217/100/0/threaded" ]
}, },
{ "references": {
"name" : "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", "reference_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/485936/100/0/threaded" "name": "https://bugs.gentoo.org/show_bug.cgi?id=194039",
}, "refsource": "MISC",
{ "url": "https://bugs.gentoo.org/show_bug.cgi?id=194039"
"name" : "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", },
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/486859/100/0/threaded" "name": "HPSBUX02292",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/484353/100/0/threaded"
"name" : "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", },
"refsource" : "MLIST", {
"url" : "http://lists.vmware.com/pipermail/security-announce/2008/000002.html" "name": "oval:org.mitre.oval:def:5337",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5337"
"name" : "https://bugs.gentoo.org/show_bug.cgi?id=194039", },
"refsource" : "MISC", {
"url" : "https://bugs.gentoo.org/show_bug.cgi?id=194039" "name": "20071001 Re: OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/481217/100/0/threaded"
"name" : "http://www.openssl.org/news/secadv_20071012.txt", },
"refsource" : "CONFIRM", {
"url" : "http://www.openssl.org/news/secadv_20071012.txt" "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0241",
}, "refsource": "CONFIRM",
{ "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0241"
"name" : "https://issues.rpath.com/browse/RPL-1769", },
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1769" "name": "27205",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27205"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-485.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-485.htm" "name": "27097",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27097"
"name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4037", },
"refsource" : "CONFIRM", {
"url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4037" "name": "ADV-2008-2362",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/2362"
"name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4038", },
"refsource" : "CONFIRM", {
"url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4038" "name": "1018755",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1018755"
"name" : "http://www.vmware.com/security/advisories/VMSA-2008-0001.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2008-0001.html" "name": "31489",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31489"
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0241", },
"refsource" : "CONFIRM", {
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0241" "name": "APPLE-SA-2008-07-31",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"
"name" : "https://issues.rpath.com/browse/RPL-1770", },
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1770" "name": "FEDORA-2007-725",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00218.html"
"name" : "http://www.vmware.com/security/advisories/VMSA-2008-0013.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2008-0013.html" "name": "RHSA-2007:1003",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-1003.html"
"name" : "APPLE-SA-2008-07-31", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html" "name": "29242",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29242"
"name" : "DSA-1379", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1379" "name": "MDKSA-2007:193",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:193"
"name" : "FEDORA-2007-725", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00218.html" "name": "https://issues.rpath.com/browse/RPL-1770",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1770"
"name" : "FreeBSD-SA-07:08", },
"refsource" : "FREEBSD", {
"url" : "http://security.freebsd.org/advisories/FreeBSD-SA-07:08.openssl.asc" "name": "27186",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27186"
"name" : "GLSA-200710-06", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200710-06.xml" "name": "27851",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27851"
"name" : "GLSA-200805-07", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml" "name": "ADV-2008-2268",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/2268"
"name" : "HPSBUX02292", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/484353/100/0/threaded" "name": "30124",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30124"
"name" : "SSRT071499", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/484353/100/0/threaded" "name": "SUSE-SR:2008:005",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
"name" : "MDKSA-2007:193", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:193" "name": "27394",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27394"
"name" : "NetBSD-SA2008-007", },
"refsource" : "NETBSD", {
"url" : "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc" "name": "[4.1] 011: SECURITY FIX: October 10, 2007",
}, "refsource": "OPENBSD",
{ "url": "http://www.openbsd.org/errata41.html"
"name" : "[4.0] 017: SECURITY FIX: October 10, 2007", },
"refsource" : "OPENBSD", {
"url" : "http://www.openbsd.org/errata40.html" "name": "20071004 Re: OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/481506/100/0/threaded"
"name" : "[4.1] 011: SECURITY FIX: October 10, 2007", },
"refsource" : "OPENBSD", {
"url" : "http://www.openbsd.org/errata41.html" "name": "oval:org.mitre.oval:def:10904",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10904"
"name" : "[4.2] 002: SECURITY FIX: October 10, 2007", },
"refsource" : "OPENBSD", {
"url" : "http://www.openbsd.org/errata42.html" "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
"name" : "RHSA-2007:0964", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0964.html" "name": "31308",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31308"
"name" : "RHSA-2007:0813", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0813.html" "name": "22130",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22130"
"name" : "RHSA-2007:1003", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1003.html" "name": "27031",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27031"
"name" : "103130", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103130-1" "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
}, "refsource": "MLIST",
{ "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
"name" : "200858", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200858-1" "name": "ADV-2007-3625",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3625"
"name" : "SUSE-SR:2007:020", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_20_sr.html" "name": "20070927 OpenSSL SSL_get_shared_ciphers() off-by-one buffer overflow",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/480855/100/0/threaded"
"name" : "SUSE-SR:2008:005", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" "name": "FreeBSD-SA-07:08",
}, "refsource": "FREEBSD",
{ "url": "http://security.freebsd.org/advisories/FreeBSD-SA-07:08.openssl.asc"
"name" : "USN-522-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/522-1/" "name": "USN-522-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/522-1/"
"name" : "25831", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25831" "name": "ADV-2008-2361",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/2361"
"name" : "oval:org.mitre.oval:def:10904", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10904" "name": "27217",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27217"
"name" : "ADV-2007-3625", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3625" "name": "31467",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31467"
"name" : "ADV-2007-3325", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3325" "name": "27961",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27961"
"name" : "ADV-2007-4042", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/4042" "name": "RHSA-2007:0964",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0964.html"
"name" : "ADV-2007-4144", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/4144" "name": "27870",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27870"
"name" : "ADV-2008-0064", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0064" "name": "25831",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25831"
"name" : "ADV-2008-2268", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2268" "name": "DSA-1379",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1379"
"name" : "ADV-2008-2361", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2361" "name": "ADV-2007-4042",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/4042"
"name" : "ADV-2008-2362", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2362" "name": "20071003 FLEA-2007-0058-1 openssl openssl-scripts",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/481488/100/0/threaded"
"name" : "oval:org.mitre.oval:def:5337", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5337" "name": "27330",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27330"
"name" : "1018755", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018755" "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4038",
}, "refsource": "CONFIRM",
{ "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4038"
"name" : "27021", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27021" "name": "30161",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30161"
"name" : "22130", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22130" "name": "GLSA-200805-07",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
"name" : "27012", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27012" "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4037",
}, "refsource": "CONFIRM",
{ "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4037"
"name" : "27051", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27051" "name": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html"
"name" : "27097", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27097" "name": "28368",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28368"
"name" : "27078", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27078" "name": "https://issues.rpath.com/browse/RPL-1769",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1769"
"name" : "27186", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27186" "name": "27012",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27012"
"name" : "27205", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27205" "name": "3179",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/3179"
"name" : "27217", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27217" "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-485.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-485.htm"
"name" : "27330", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27330" "name": "27229",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27229"
"name" : "27394", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27394" "name": "27051",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27051"
"name" : "27229", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27229" "name": "31326",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31326"
"name" : "27031", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27031" "name": "27078",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27078"
"name" : "27870", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27870" "name": "GLSA-200710-06",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200710-06.xml"
"name" : "27851", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27851" "name": "SSRT071499",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/484353/100/0/threaded"
"name" : "27961", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27961" "name": "NetBSD-SA2008-007",
}, "refsource": "NETBSD",
{ "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc"
"name" : "28368", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28368" "name": "http://www.openssl.org/news/secadv_20071012.txt",
}, "refsource": "CONFIRM",
{ "url": "http://www.openssl.org/news/secadv_20071012.txt"
"name" : "29242", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29242" "name": "200858",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200858-1"
"name" : "30124", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30124" "name": "[4.0] 017: SECURITY FIX: October 10, 2007",
}, "refsource": "OPENBSD",
{ "url": "http://www.openbsd.org/errata40.html"
"name" : "30161", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30161" "name": "[4.2] 002: SECURITY FIX: October 10, 2007",
}, "refsource": "OPENBSD",
{ "url": "http://www.openbsd.org/errata42.html"
"name" : "31326", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31326" "name": "openssl-sslgetshared-bo(36837)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36837"
"name" : "31308", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31308" "name": "RHSA-2007:0813",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0813.html"
"name" : "31467", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31467" "name": "SUSE-SR:2007:020",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_20_sr.html"
"name" : "31489", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31489" "name": "ADV-2007-3325",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3325"
"name" : "3179", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3179" "name": "ADV-2007-4144",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/4144"
"name" : "openssl-sslgetshared-bo(36837)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36837" "name": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html",
} "refsource": "CONFIRM",
] "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
} },
} {
"name": "ADV-2008-0064",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0064"
},
{
"name": "27021",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27021"
},
{
"name": "103130",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103130-1"
},
{
"name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
}
]
}
}

200
2007/5xxx/CVE-2007-5161.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5161", "ID": "CVE-2007-5161",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-zone scripting vulnerability in the internal browser in i-Systems Feedreader 3.10 allows remote attackers to inject arbitrary web script or HTML via an item in a feed, as demonstrated by a WordPress blog update. NOTE: this was originally reported as XSS."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070928 feedreader3 has XSS vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/480998/100/0/threaded" "lang": "eng",
}, "value": "Cross-zone scripting vulnerability in the internal browser in i-Systems Feedreader 3.10 allows remote attackers to inject arbitrary web script or HTML via an item in a feed, as demonstrated by a WordPress blog update. NOTE: this was originally reported as XSS."
{ }
"name" : "20070930 RE: feedreader3 has XSS vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/481208/100/200/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070930 Re: [Full-disclosure] feedreader3 has XSS vulnerability", "description": [
"refsource" : "FULLDISC", {
"url" : "http://marc.info/?l=full-disclosure&m=119115897930583&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25849", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/25849" ]
}, },
{ "references": {
"name" : "ADV-2007-3316", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3316" "name": "feedreader3-rssfeed-xss(36863)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36863"
"name" : "37409", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37409" "name": "37409",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/37409"
"name" : "26996", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26996" "name": "25849",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25849"
"name" : "3183", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3183" "name": "ADV-2007-3316",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3316"
"name" : "feedreader3-rssfeed-xss(36863)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36863" "name": "20070930 RE: feedreader3 has XSS vulnerability",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/481208/100/200/threaded"
} },
} {
"name": "20070930 Re: [Full-disclosure] feedreader3 has XSS vulnerability",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=119115897930583&w=2"
},
{
"name": "20070928 feedreader3 has XSS vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480998/100/0/threaded"
},
{
"name": "3183",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3183"
},
{
"name": "26996",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26996"
}
]
}
}

450
2007/5xxx/CVE-2007-5191.json
View File

@ -1,227 +1,227 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2007-5191", "ID": "CVE-2007-5191",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/485936/100/0/threaded" "lang": "eng",
}, "value": "mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs."
{ }
"name" : "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/486859/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", "description": [
"refsource" : "MLIST", {
"url" : "http://lists.vmware.com/pipermail/security-announce/2008/000002.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e", ]
"refsource" : "CONFIRM", }
"url" : "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e" ]
}, },
{ "references": {
"name" : "https://issues.rpath.com/browse/RPL-1757", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1757" "name": "USN-533-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-533-1"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=320041", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=320041" "name": "https://issues.rpath.com/browse/RPL-1757",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1757"
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=195390", },
"refsource" : "CONFIRM", {
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=195390" "name": "27145",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27145"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-023.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-023.htm" "name": "http://bugs.gentoo.org/show_bug.cgi?id=195390",
}, "refsource": "CONFIRM",
{ "url": "http://bugs.gentoo.org/show_bug.cgi?id=195390"
"name" : "http://www.vmware.com/security/advisories/VMSA-2008-0001.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2008-0001.html" "name": "27122",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27122"
"name" : "DSA-1449", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1449" "name": "MDKSA-2007:198",
}, "refsource": "MANDRIVA",
{ "url": "http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198"
"name" : "DSA-1450", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1450" "name": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e"
"name" : "FEDORA-2007-2462", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.html" "name": "28349",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28349"
"name" : "GLSA-200710-18", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200710-18.xml" "name": "DSA-1449",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2008/dsa-1449"
"name" : "MDKSA-2007:198", },
"refsource" : "MANDRIVA", {
"url" : "http://frontal2.mandriva.com/en/security/advisories?name=MDKSA-2007:198" "name": "DSA-1450",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2008/dsa-1450"
"name" : "RHSA-2007:0969", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0969.html" "name": "27104",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27104"
"name" : "SUSE-SR:2007:022", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html" "name": "27283",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27283"
"name" : "USN-533-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-533-1" "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
"name" : "25973", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25973" "name": "27354",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27354"
"name" : "oval:org.mitre.oval:def:10101", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10101" "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
}, "refsource": "MLIST",
{ "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
"name" : "ADV-2007-3417", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3417" "name": "28469",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28469"
"name" : "ADV-2008-0064", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0064" "name": "GLSA-200710-18",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200710-18.xml"
"name" : "1018782", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018782" "name": "28348",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28348"
"name" : "27104", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27104" "name": "1018782",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1018782"
"name" : "27145", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27145" "name": "FEDORA-2007-2462",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00144.html"
"name" : "27188", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27188" "name": "27687",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27687"
"name" : "27122", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27122" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=320041",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=320041"
"name" : "27283", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27283" "name": "28368",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28368"
"name" : "27354", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27354" "name": "27399",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27399"
"name" : "27687", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27687" "name": "oval:org.mitre.oval:def:10101",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10101"
"name" : "27399", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27399" "name": "25973",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25973"
"name" : "28348", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28348" "name": "27188",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27188"
"name" : "28349", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28349" "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-023.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-023.htm"
"name" : "28368", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28368" "name": "ADV-2007-3417",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3417"
"name" : "28469", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28469" "name": "RHSA-2007:0969",
} "refsource": "REDHAT",
] "url": "http://www.redhat.com/support/errata/RHSA-2007-0969.html"
} },
} {
"name": "SUSE-SR:2007:022",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
},
{
"name": "ADV-2008-0064",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0064"
},
{
"name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
}
]
}
}

180
2007/5xxx/CVE-2007-5370.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5370", "ID": "CVE-2007-5370",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/dnewsweb.exe in NetWin DNewsWeb (DNews News Server) 57e1 allow remote attackers to inject arbitrary web script or HTML via the (1) group or (2) utag parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071009 DNewsWeb Softwares Cross Site Scripting Vulrnability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/481865/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/dnewsweb.exe in NetWin DNewsWeb (DNews News Server) 57e1 allow remote attackers to inject arbitrary web script or HTML via the (1) group or (2) utag parameter."
{ }
"name" : "25981", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25981" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-3452", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3452" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37651", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/37651" ]
}, },
{ "references": {
"name" : "27163", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27163" "name": "dnews-dnewsweb-xss(37031)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37031"
"name" : "3208", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3208" "name": "20071009 DNewsWeb Softwares Cross Site Scripting Vulrnability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/481865/100/0/threaded"
"name" : "dnews-dnewsweb-xss(37031)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37031" "name": "27163",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/27163"
} },
} {
"name": "ADV-2007-3452",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3452"
},
{
"name": "37651",
"refsource": "OSVDB",
"url": "http://osvdb.org/37651"
},
{
"name": "3208",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3208"
},
{
"name": "25981",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25981"
}
]
}
}

34
2007/5xxx/CVE-2007-5681.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5681", "ID": "CVE-2007-5681",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

230
2015/3xxx/CVE-2015-3291.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-3291", "ID": "CVE-2015-3291",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform does not properly determine when nested NMI processing is occurring, which allows local users to cause a denial of service (skipped NMI) by modifying the rsp register, issuing a syscall instruction, and triggering an NMI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150722 Linux x86_64 NMI security issues", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/07/22/7" "lang": "eng",
}, "value": "arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform does not properly determine when nested NMI processing is occurring, which allows local users to cause a denial of service (skipped NMI) by modifying the rsp register, issuing a syscall instruction, and triggering an NMI."
{ }
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=810bc075f78ff2c221536eb3008eac6a492dba2d", ]
"refsource" : "CONFIRM", },
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=810bc075f78ff2c221536eb3008eac6a492dba2d" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.6", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.6" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1243489", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1243489" ]
}, },
{ "references": {
"name" : "https://github.com/torvalds/linux/commit/810bc075f78ff2c221536eb3008eac6a492dba2d", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/810bc075f78ff2c221536eb3008eac6a492dba2d" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1243489",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243489"
"name" : "DSA-3313", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3313" "name": "76003",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/76003"
"name" : "USN-2687-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2687-1" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=810bc075f78ff2c221536eb3008eac6a492dba2d",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=810bc075f78ff2c221536eb3008eac6a492dba2d"
"name" : "USN-2688-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2688-1" "name": "https://github.com/torvalds/linux/commit/810bc075f78ff2c221536eb3008eac6a492dba2d",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/torvalds/linux/commit/810bc075f78ff2c221536eb3008eac6a492dba2d"
"name" : "USN-2689-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2689-1" "name": "USN-2689-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2689-1"
"name" : "USN-2690-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2690-1" "name": "USN-2690-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2690-1"
"name" : "USN-2691-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2691-1" "name": "USN-2691-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2691-1"
"name" : "76003", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76003" "name": "USN-2688-1",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-2688-1"
} },
} {
"name": "DSA-3313",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3313"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.6",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.6"
},
{
"name": "[oss-security] 20150722 Linux x86_64 NMI security issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/07/22/7"
},
{
"name": "USN-2687-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2687-1"
}
]
}
}

120
2015/3xxx/CVE-2015-3865.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2015-3865", "ID": "CVE-2015-3865",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Runtime subsystem in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23050463."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[android-security-updates] 20151005 Nexus Security Bulletin (October 2015)", "description_data": [
"refsource" : "MLIST", {
"url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/_Rm-lKnS2M8/dGTcilt0CAAJ" "lang": "eng",
} "value": "The Runtime subsystem in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23050463."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[android-security-updates] 20151005 Nexus Security Bulletin (October 2015)",
"refsource": "MLIST",
"url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/_Rm-lKnS2M8/dGTcilt0CAAJ"
}
]
}
}

34
2015/4xxx/CVE-2015-4416.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4416", "ID": "CVE-2015-4416",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2015/4xxx/CVE-2015-4889.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-4889", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-4889",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

140
2015/7xxx/CVE-2015-7086.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-7086", "ID": "CVE-2015-7086",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT205638", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205638" "lang": "eng",
}, "value": "Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerability than CVE-2015-7085, CVE-2015-7087, CVE-2015-7088, CVE-2015-7089, CVE-2015-7090, CVE-2015-7091, CVE-2015-7092, and CVE-2015-7117."
{ }
"name" : "APPLE-SA-2016-01-07-1", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00000.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1034610", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034610" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2016-01-07-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00000.html"
},
{
"name": "1034610",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034610"
},
{
"name": "https://support.apple.com/HT205638",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205638"
}
]
}
}

150
2015/7xxx/CVE-2015-7226.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7226", "ID": "CVE-2015-7226",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Administration Views module 7.x-1.x before 7.x-1.5 for Drupal checks access permissions based on the router path from the view instead of the display property, which allows remote attackers to obtain sensitive information via vectors related to the access handler."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.drupal.org/node/2529378", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.drupal.org/node/2529378" "lang": "eng",
}, "value": "The Administration Views module 7.x-1.x before 7.x-1.5 for Drupal checks access permissions based on the router path from the view instead of the display property, which allows remote attackers to obtain sensitive information via vectors related to the access handler."
{ }
"name" : "http://cgit.drupalcode.org/admin_views/commit/?id=44098bb", ]
"refsource" : "CONFIRM", },
"url" : "http://cgit.drupalcode.org/admin_views/commit/?id=44098bb" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.drupal.org/node/2529366", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/node/2529366" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "75697", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/75697" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://www.drupal.org/node/2529366",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2529366"
},
{
"name": "75697",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75697"
},
{
"name": "https://www.drupal.org/node/2529378",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2529378"
},
{
"name": "http://cgit.drupalcode.org/admin_views/commit/?id=44098bb",
"refsource": "CONFIRM",
"url": "http://cgit.drupalcode.org/admin_views/commit/?id=44098bb"
}
]
}
}

34
2015/7xxx/CVE-2015-7336.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7336", "ID": "CVE-2015-7336",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2015/8xxx/CVE-2015-8198.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8198", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8198",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

220
2015/8xxx/CVE-2015-8438.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-8438", "ID": "CVE-2015-8438",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a crafted XML object that is mishandled during a toString call, a different vulnerability than CVE-2015-8446."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://zerodayinitiative.com/advisories/ZDI-15-605", "description_data": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-15-605" "lang": "eng",
}, "value": "Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a crafted XML object that is mishandled during a toString call, a different vulnerability than CVE-2015-8446."
{ }
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "description": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", ]
"refsource" : "CONFIRM", }
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" ]
}, },
{ "references": {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" "name": "openSUSE-SU-2015:2239",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html"
"name" : "GLSA-201601-03", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201601-03" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
"name" : "SUSE-SU-2015:2236", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html",
}, "refsource": "CONFIRM",
{ "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
"name" : "SUSE-SU-2015:2247", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" "name": "SUSE-SU-2015:2236",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html"
"name" : "openSUSE-SU-2015:2239", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" "name": "http://zerodayinitiative.com/advisories/ZDI-15-605",
}, "refsource": "MISC",
{ "url": "http://zerodayinitiative.com/advisories/ZDI-15-605"
"name" : "78712", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/78712" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
"name" : "1034318", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034318" "name": "SUSE-SU-2015:2247",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html"
} },
} {
"name": "78712",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78712"
},
{
"name": "1034318",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034318"
},
{
"name": "GLSA-201601-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201601-03"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
}
]
}
}

120
2015/8xxx/CVE-2015-8482.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8482", "ID": "CVE-2015-8482",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Blue Coat Unified Agent before 4.6.2 does not prevent modification of its configuration files when running in local enforcement mode, which allows local administrators to unblock categories or disable the agent via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bto.bluecoat.com/security-advisory/sa102", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bto.bluecoat.com/security-advisory/sa102" "lang": "eng",
} "value": "Blue Coat Unified Agent before 4.6.2 does not prevent modification of its configuration files when running in local enforcement mode, which allows local administrators to unblock categories or disable the agent via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bto.bluecoat.com/security-advisory/sa102",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa102"
}
]
}
}

140
2015/8xxx/CVE-2015-8489.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2015-8489", "ID": "CVE-2015-8489",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service (excessive database locking) via a crafted CSV file, a different vulnerability than CVE-2016-1153."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://cs.cybozu.co.jp/2015/006073.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://cs.cybozu.co.jp/2015/006073.html" "lang": "eng",
}, "value": "customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service (excessive database locking) via a crafted CSV file, a different vulnerability than CVE-2016-1153."
{ }
"name" : "JVN#20246313", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN20246313/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2016-000020", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000020" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2016-000020",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000020"
},
{
"name": "JVN#20246313",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN20246313/index.html"
},
{
"name": "https://cs.cybozu.co.jp/2015/006073.html",
"refsource": "CONFIRM",
"url": "https://cs.cybozu.co.jp/2015/006073.html"
}
]
}
}

280
2015/8xxx/CVE-2015-8540.json
View File

@ -1,142 +1,142 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8540", "ID": "CVE-2015-8540",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20151210 CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/12/10/6" "lang": "eng",
}, "value": "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read."
{ }
"name" : "[oss-security] 20151210 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2015/12/10/7" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20151211 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/12/11/1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[oss-security] 20151211 Re: Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", ]
"refsource" : "MLIST", }
"url" : "http://www.openwall.com/lists/oss-security/2015/12/11/2" ]
}, },
{ "references": {
"name" : "[oss-security] 20151217 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)", "reference_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/12/17/10" "name": "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/"
"name" : "http://sourceforge.net/p/libpng/bugs/244/", },
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/p/libpng/bugs/244/" "name": "GLSA-201611-08",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201611-08"
"name" : "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/", },
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/" "name": "[oss-security] 20151211 Re: Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/12/11/2"
"name" : "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/", },
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/" "name": "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/"
"name" : "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/", },
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/" "name": "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/"
"name" : "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/", },
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/" "name": "RHSA-2016:1430",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1430"
"name" : "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/", },
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/" "name": "[oss-security] 20151210 CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/12/10/6"
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
"name" : "DSA-3443", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3443" "name": "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/"
"name" : "FEDORA-2015-3868cfa17b", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html" "name": "[oss-security] 20151211 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/12/11/1"
"name" : "GLSA-201611-08", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201611-08" "name": "[oss-security] 20151210 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/12/10/7"
"name" : "RHSA-2016:1430", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1430" "name": "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/"
"name" : "80592", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/80592" "name": "DSA-3443",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2016/dsa-3443"
} },
} {
"name": "http://sourceforge.net/p/libpng/bugs/244/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/libpng/bugs/244/"
},
{
"name": "80592",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/80592"
},
{
"name": "[oss-security] 20151217 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/10"
},
{
"name": "FEDORA-2015-3868cfa17b",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html"
}
]
}
}

132
2015/9xxx/CVE-2015-9172.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2015-9172", "ID": "CVE-2015-9172",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850" "version_value": "MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a WideVine API function, a buffer over-read can occur."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer Over-read in TrustZone"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a WideVine API function, a buffer over-read can occur."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Buffer Over-read in TrustZone"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

132
2015/9xxx/CVE-2015-9213.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2015-9213", "ID": "CVE-2015-9213",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile, Snapdragon Wear", "product_name": "Snapdragon Mobile, Snapdragon Wear",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20" "version_value": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, the DIAG-EFS command EFS2_DIAG_DELTREE, which is handled by the function fs_diag_deltree_handler(), is used to delete files and directories only inside the /public folder."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Improper Access Contorl in Storage."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, the DIAG-EFS command EFS2_DIAG_DELTREE, which is handled by the function fs_diag_deltree_handler(), is used to delete files and directories only inside the /public folder."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Improper Access Contorl in Storage."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

120
2016/0xxx/CVE-2016-0398.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0398", "ID": "CVE-2016-0398",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Cognos Analytics (CA) 11.0 before 11.0.2 allows remote attackers to conduct content-spoofing attacks via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21977070", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21977070" "lang": "eng",
} "value": "IBM Cognos Analytics (CA) 11.0 before 11.0.2 allows remote attackers to conduct content-spoofing attacks via a crafted URL."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21977070",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977070"
}
]
}
}

260
2016/0xxx/CVE-2016-0655.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0655", "ID": "CVE-2016-0655",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB."
{ }
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/", ]
"refsource" : "CONFIRM", },
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3595", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3595" ]
}, },
{ "references": {
"name" : "RHSA-2016:0705", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0705.html" "name": "SUSE-SU-2016:1620",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html"
"name" : "RHSA-2016:1132", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1132" "name": "86424",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/86424"
"name" : "openSUSE-SU-2016:1686", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html" "name": "RHSA-2016:1132",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1132"
"name" : "SUSE-SU-2016:1619", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html" "name": "1035606",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1035606"
"name" : "SUSE-SU-2016:1620", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html" "name": "USN-2953-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2953-1"
"name" : "openSUSE-SU-2016:1664", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html" "name": "openSUSE-SU-2016:1332",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html"
"name" : "openSUSE-SU-2016:1332", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html" "name": "USN-2954-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2954-1"
"name" : "USN-2953-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2953-1" "name": "SUSE-SU-2016:1619",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html"
"name" : "USN-2954-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2954-1" "name": "openSUSE-SU-2016:1664",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html"
"name" : "86424", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/86424" "name": "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/",
}, "refsource": "CONFIRM",
{ "url": "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/"
"name" : "1035606", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035606" "name": "DSA-3595",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2016/dsa-3595"
} },
} {
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "openSUSE-SU-2016:1686",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html"
},
{
"name": "RHSA-2016:0705",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html"
},
{
"name": "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/"
}
]
}
}

130
2016/1xxx/CVE-2016-1036.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-1036", "ID": "CVE-2016-1036",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Adobe Analytics AppMeasurement for Flash Library before 4.0.1, when debugTracking is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/analytics/apsb16-13.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/analytics/apsb16-13.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Adobe Analytics AppMeasurement for Flash Library before 4.0.1, when debugTracking is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "1035671", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1035671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/analytics/apsb16-13.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/analytics/apsb16-13.html"
},
{
"name": "1035671",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035671"
}
]
}
}

120
2016/1xxx/CVE-2016-1270.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1270", "ID": "CVE-2016-1270",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10737", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10737" "lang": "eng",
} "value": "The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10737",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10737"
}
]
}
}

210
2016/1xxx/CVE-2016-1643.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-1643", "ID": "CVE-2016-1643",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent shadow DOM, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage \"type confusion.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html" "lang": "eng",
}, "value": "The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent shadow DOM, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage \"type confusion.\""
{ }
"name" : "https://code.google.com/p/chromium/issues/detail?id=589838", ]
"refsource" : "CONFIRM", },
"url" : "https://code.google.com/p/chromium/issues/detail?id=589838" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://codereview.chromium.org/1732753004", "description": [
"refsource" : "CONFIRM", {
"url" : "https://codereview.chromium.org/1732753004" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3513", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3513" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2016:0817", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00066.html" "name": "1035259",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1035259"
"name" : "openSUSE-SU-2016:0818", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00067.html" "name": "https://code.google.com/p/chromium/issues/detail?id=589838",
}, "refsource": "CONFIRM",
{ "url": "https://code.google.com/p/chromium/issues/detail?id=589838"
"name" : "openSUSE-SU-2016:0828", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00073.html" "name": "DSA-3513",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3513"
"name" : "USN-2920-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2920-1" "name": "openSUSE-SU-2016:0818",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00067.html"
"name" : "84224", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/84224" "name": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html",
}, "refsource": "CONFIRM",
{ "url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html"
"name" : "1035259", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035259" "name": "84224",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/84224"
} },
} {
"name": "openSUSE-SU-2016:0828",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00073.html"
},
{
"name": "openSUSE-SU-2016:0817",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00066.html"
},
{
"name": "USN-2920-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2920-1"
},
{
"name": "https://codereview.chromium.org/1732753004",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1732753004"
}
]
}
}

230
2016/1xxx/CVE-2016-1649.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-1649", "ID": "CVE-2016-1649",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Program::getUniformInternal function in Program.cpp in libANGLE, as used in Google Chrome before 49.0.2623.108, does not properly handle a certain data-type mismatch, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted shader stages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-224", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-224" "lang": "eng",
}, "value": "The Program::getUniformInternal function in Program.cpp in libANGLE, as used in Google Chrome before 49.0.2623.108, does not properly handle a certain data-type mismatch, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted shader stages."
{ }
"name" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://chromium-review.googlesource.com/334448", "description": [
"refsource" : "CONFIRM", {
"url" : "https://chromium-review.googlesource.com/334448" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://code.google.com/p/chromium/issues/detail?id=595836", ]
"refsource" : "CONFIRM", }
"url" : "https://code.google.com/p/chromium/issues/detail?id=595836" ]
}, },
{ "references": {
"name" : "DSA-3531", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3531" "name": "https://code.google.com/p/chromium/issues/detail?id=595836",
}, "refsource": "CONFIRM",
{ "url": "https://code.google.com/p/chromium/issues/detail?id=595836"
"name" : "GLSA-201605-02", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201605-02" "name": "RHSA-2016:0525",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0525.html"
"name" : "RHSA-2016:0525", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0525.html" "name": "openSUSE-SU-2016:0929",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html"
"name" : "openSUSE-SU-2016:1059", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html" "name": "openSUSE-SU-2016:1059",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html"
"name" : "openSUSE-SU-2016:0929", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html" "name": "https://chromium-review.googlesource.com/334448",
}, "refsource": "CONFIRM",
{ "url": "https://chromium-review.googlesource.com/334448"
"name" : "openSUSE-SU-2016:0930", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html" "name": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html",
}, "refsource": "CONFIRM",
{ "url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html"
"name" : "USN-2955-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2955-1" "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-224",
}, "refsource": "MISC",
{ "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-224"
"name" : "1035423", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035423" "name": "DSA-3531",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2016/dsa-3531"
} },
} {
"name": "1035423",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035423"
},
{
"name": "openSUSE-SU-2016:0930",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html"
},
{
"name": "USN-2955-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2955-1"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
}
]
}
}

130
2016/1xxx/CVE-2016-1789.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-1789", "ID": "CVE-2016-1789",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apple iBooks Author before 2.4.1 allows remote attackers to read arbitrary files via an iBooks Author file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/kb/HT206224", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT206224" "lang": "eng",
}, "value": "Apple iBooks Author before 2.4.1 allows remote attackers to read arbitrary files via an iBooks Author file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
{ }
"name" : "APPLE-SA-2016-03-31-1", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00008.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/kb/HT206224",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT206224"
},
{
"name": "APPLE-SA-2016-03-31-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00008.html"
}
]
}
}

34
2016/5xxx/CVE-2016-5089.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5089", "ID": "CVE-2016-5089",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2016/5xxx/CVE-2016-5680.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cert@cert.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2016-5680", "ID": "CVE-2016-5680",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary code via the sn parameter to the transfer_license command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "40200", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/40200/" "lang": "eng",
}, "value": "Stack-based buffer overflow in cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary code via the sn parameter to the transfer_license command."
{ }
"name" : "VU#856152", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/856152" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "92318", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92318" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#856152",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/856152"
},
{
"name": "92318",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92318"
},
{
"name": "40200",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40200/"
}
]
}
}

190
2016/5xxx/CVE-2016-5873.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5873", "ID": "CVE-2016-5873",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the HTTP URL parsing functions in pecl_http before 3.0.1 might allow remote attackers to execute arbitrary code via non-printable characters in a URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160629 CVE Request - PECL-HTTP 3.0.0 Buffer overflow", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/06/29/1" "lang": "eng",
}, "value": "Buffer overflow in the HTTP URL parsing functions in pecl_http before 3.0.1 might allow remote attackers to execute arbitrary code via non-printable characters in a URL."
{ }
"name" : "[oss-security] 20160629 Re: CVE Request - PECL-HTTP 3.0.0 Buffer overflow", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/06/29/4" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.php.net/bug.php?id=71719", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.php.net/bug.php?id=71719" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/m6w6/ext-http/commit/3724cd76a28be1d6049b5537232e97ac", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/m6w6/ext-http/commit/3724cd76a28be1d6049b5537232e97ac" ]
}, },
{ "references": {
"name" : "https://pecl.php.net/package/pecl_http/3.0.1", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://pecl.php.net/package/pecl_http/3.0.1" "name": "[oss-security] 20160629 CVE Request - PECL-HTTP 3.0.0 Buffer overflow",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/06/29/1"
"name" : "https://security.netapp.com/advisory/ntap-20180112-0001/", },
"refsource" : "CONFIRM", {
"url" : "https://security.netapp.com/advisory/ntap-20180112-0001/" "name": "95863",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/95863"
"name" : "GLSA-201612-17", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201612-17" "name": "[oss-security] 20160629 Re: CVE Request - PECL-HTTP 3.0.0 Buffer overflow",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/06/29/4"
"name" : "95863", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95863" "name": "https://security.netapp.com/advisory/ntap-20180112-0001/",
} "refsource": "CONFIRM",
] "url": "https://security.netapp.com/advisory/ntap-20180112-0001/"
} },
} {
"name": "GLSA-201612-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-17"
},
{
"name": "https://github.com/m6w6/ext-http/commit/3724cd76a28be1d6049b5537232e97ac",
"refsource": "CONFIRM",
"url": "https://github.com/m6w6/ext-http/commit/3724cd76a28be1d6049b5537232e97ac"
},
{
"name": "https://bugs.php.net/bug.php?id=71719",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=71719"
},
{
"name": "https://pecl.php.net/package/pecl_http/3.0.1",
"refsource": "CONFIRM",
"url": "https://pecl.php.net/package/pecl_http/3.0.1"
}
]
}
}

142
2018/2xxx/CVE-2018-2560.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2560", "ID": "CVE-2018-2560",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Solaris Operating System", "product_name": "Solaris Operating System",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "11.3" "version_value": "11.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Solaris accessible data. CVSS 3.0 Base Score 5.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Solaris accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" "lang": "eng",
}, "value": "Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Solaris accessible data. CVSS 3.0 Base Score 5.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N)."
{ }
"name" : "102617", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/102617" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040215", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040215" "lang": "eng",
} "value": "Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Solaris accessible data."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "1040215",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040215"
},
{
"name": "102617",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102617"
}
]
}
}

150
2018/2xxx/CVE-2018-2717.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2717", "ID": "CVE-2018-2717",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Solaris Operating System", "product_name": "Solaris Operating System",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "10" "version_value": "10"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "11.3" "version_value": "11.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SPARC Platform). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Solaris accessible data as well as unauthorized access to critical data or complete access to all Solaris accessible data. CVSS 3.0 Base Score 6.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Solaris accessible data as well as unauthorized access to critical data or complete access to all Solaris accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" "lang": "eng",
}, "value": "Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SPARC Platform). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Solaris accessible data as well as unauthorized access to critical data or complete access to all Solaris accessible data. CVSS 3.0 Base Score 6.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N)."
{ }
"name" : "102613", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/102613" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040215", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040215" "lang": "eng",
} "value": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Solaris accessible data as well as unauthorized access to critical data or complete access to all Solaris accessible data."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "1040215",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040215"
},
{
"name": "102613",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102613"
}
]
}
}

182
2018/2xxx/CVE-2018-2780.json
View File

@ -1,93 +1,93 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2780", "ID": "CVE-2018-2780",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.7.21 and prior" "version_value": "5.7.21 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "lang": "eng",
}, "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20180419-0002/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20180419-0002/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2018:3655", "description": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3655" "lang": "eng",
}, "value": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
{ }
"name" : "USN-3629-1", ]
"refsource" : "UBUNTU", }
"url" : "https://usn.ubuntu.com/3629-1/" ]
}, },
{ "references": {
"name" : "USN-3629-3", "reference_data": [
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3629-3/" "name": "1040698",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1040698"
"name" : "103778", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/103778" "name": "https://security.netapp.com/advisory/ntap-20180419-0002/",
}, "refsource": "CONFIRM",
{ "url": "https://security.netapp.com/advisory/ntap-20180419-0002/"
"name" : "1040698", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040698" "name": "103778",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/103778"
} },
} {
"name": "RHSA-2018:3655",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3655"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "USN-3629-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3629-1/"
},
{
"name": "USN-3629-3",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3629-3/"
}
]
}
}

132
2018/2xxx/CVE-2018-2989.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2989", "ID": "CVE-2018-2989",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "iLearning", "product_name": "iLearning",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "6.2" "version_value": "6.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle iLearning component of Oracle iLearning (subcomponent: Learner Administration). The supported version that is affected is 6.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iLearning, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iLearning accessible data as well as unauthorized update, insert or delete access to some of Oracle iLearning accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iLearning, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iLearning accessible data as well as unauthorized update, insert or delete access to some of Oracle iLearning accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle iLearning component of Oracle iLearning (subcomponent: Learner Administration). The supported version that is affected is 6.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iLearning, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iLearning accessible data as well as unauthorized update, insert or delete access to some of Oracle iLearning accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N)."
{ }
"name" : "104792", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/104792" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iLearning, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iLearning accessible data as well as unauthorized update, insert or delete access to some of Oracle iLearning accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104792",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104792"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
}
]
}
}

34
2019/0xxx/CVE-2019-0077.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0077", "ID": "CVE-2019-0077",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0264.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0264", "ID": "CVE-2019-0264",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0323.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0323", "ID": "CVE-2019-0323",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1141.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1141", "ID": "CVE-2019-1141",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

478
2019/1xxx/CVE-2019-1600.json
View File

@ -1,241 +1,241 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC" : "2019-03-06T16:00:00-0800", "DATE_PUBLIC": "2019-03-06T16:00:00-0800",
"ID" : "CVE-2019-1600", "ID": "CVE-2019-1600",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Cisco FXOS and NX-OS Software Unauthorized Directory Access Vulnerability" "TITLE": "Cisco FXOS and NX-OS Software Unauthorized Directory Access Vulnerability"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Firepower 4100 Series Next-Generation Firewalls", "product_name": "Firepower 4100 Series Next-Generation Firewalls",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "2.2.2.91" "version_value": "2.2.2.91"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "2.3.1.110" "version_value": "2.3.1.110"
} }
] ]
} }
}, },
{ {
"product_name" : "Firepower 9300 Series Next-Generation Firewalls", "product_name": "Firepower 9300 Series Next-Generation Firewalls",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "2.2.2.91" "version_value": "2.2.2.91"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "2.3.1.110" "version_value": "2.3.1.110"
} }
] ]
} }
}, },
{ {
"product_name" : "MDS 9000 Series Multilayer Switches", "product_name": "MDS 9000 Series Multilayer Switches",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "6.2(25)" "version_value": "6.2(25)"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "8.1(1b)" "version_value": "8.1(1b)"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "8.3(1)" "version_value": "8.3(1)"
} }
] ]
} }
}, },
{ {
"product_name" : "Nexus 3000 Series Switches", "product_name": "Nexus 3000 Series Switches",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "7.0(3)I4(9)" "version_value": "7.0(3)I4(9)"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "7.0(3)I7(4)" "version_value": "7.0(3)I7(4)"
} }
] ]
} }
}, },
{ {
"product_name" : "Nexus 3500 Platform Switches", "product_name": "Nexus 3500 Platform Switches",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "6.0(2)A8(10)" "version_value": "6.0(2)A8(10)"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "7.0(3)I7(4)" "version_value": "7.0(3)I7(4)"
} }
] ]
} }
}, },
{ {
"product_name" : "Nexus 3600 Platform Switches ", "product_name": "Nexus 3600 Platform Switches ",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "7.0(3)F3(5)" "version_value": "7.0(3)F3(5)"
} }
] ]
} }
}, },
{ {
"product_name" : "Nexus 2000, 5500, 5600, and 6000 Series Switches", "product_name": "Nexus 2000, 5500, 5600, and 6000 Series Switches",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "7.1(5)N1(1b)" "version_value": "7.1(5)N1(1b)"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "7.3(3)N1(1)" "version_value": "7.3(3)N1(1)"
} }
] ]
} }
}, },
{ {
"product_name" : "Nexus 7000 and 7700 Series Switches", "product_name": "Nexus 7000 and 7700 Series Switches",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "6.2(22)" "version_value": "6.2(22)"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "7.3(3)D1(1)" "version_value": "7.3(3)D1(1)"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "8.2(3)" "version_value": "8.2(3)"
} }
] ]
} }
}, },
{ {
"product_name" : "Nexus 9000 Series Switches-Standalone", "product_name": "Nexus 9000 Series Switches-Standalone",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "7.0(3)I4(9)" "version_value": "7.0(3)I4(9)"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "7.0(3)I7(4)" "version_value": "7.0(3)I7(4)"
} }
] ]
} }
}, },
{ {
"product_name" : "Nexus 9500 R-Series Line Cards and Fabric Modules", "product_name": "Nexus 9500 R-Series Line Cards and Fabric Modules",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "7.0(3)F3(5)" "version_value": "7.0(3)F3(5)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cisco" "vendor_name": "Cisco"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive information that is stored in the file system of an affected system. The vulnerability is due to improper implementation of file system permissions. An attacker could exploit this vulnerability by accessing and modifying restricted files. A successful exploit could allow the attacker to access sensitive and critical files. Firepower 4100 Series Next-Generation Firewalls are affected in versions prior to 2.2.2.91 and 2.3.1.110. Firepower 9300 Series Next-Generation Firewalls are affected in versions prior to 2.2.2.91 and 2.3.1.110. MDS 9000 Series Multilayer Switches are affected in versions prior to 6.2(25), 8.1(1b), and 8.3(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 3500 Platform Switches are affected in versions prior to 6.0(2)A8(10) and 7.0(3)I7(4). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5). Nexus 2000, 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.1(5)N1(1b) and 7.3(3)N1(1). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(22), 7.3(3)D1(1), and 8.2(3). Nexus 9000 Series Switches-Standalone are affected in versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5)."
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact" : {
"cvss" : {
"baseScore" : "6.7",
"vectorString" : "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H ",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-264"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20190306 Cisco FXOS and NX-OS Software Unauthorized Directory Access Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-directory" "lang": "eng",
}, "value": "A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive information that is stored in the file system of an affected system. The vulnerability is due to improper implementation of file system permissions. An attacker could exploit this vulnerability by accessing and modifying restricted files. A successful exploit could allow the attacker to access sensitive and critical files. Firepower 4100 Series Next-Generation Firewalls are affected in versions prior to 2.2.2.91 and 2.3.1.110. Firepower 9300 Series Next-Generation Firewalls are affected in versions prior to 2.2.2.91 and 2.3.1.110. MDS 9000 Series Multilayer Switches are affected in versions prior to 6.2(25), 8.1(1b), and 8.3(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 3500 Platform Switches are affected in versions prior to 6.0(2)A8(10) and 7.0(3)I7(4). Nexus 3600 Platform Switches are affected in versions prior to 7.0(3)F3(5). Nexus 2000, 5500, 5600, and 6000 Series Switches are affected in versions prior to 7.1(5)N1(1b) and 7.3(3)N1(1). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(22), 7.3(3)D1(1), and 8.2(3). Nexus 9000 Series Switches-Standalone are affected in versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 9500 R-Series Line Cards and Fabric Modules are affected in versions prior to 7.0(3)F3(5)."
{ }
"name" : "107399", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/107399" "exploit": [
}, {
{ "lang": "eng",
"name" : "107404", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/107404" ],
} "impact": {
] "cvss": {
}, "baseScore": "6.7",
"source" : { "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H ",
"advisory" : "cisco-sa-20190306-nxos-directory", "version": "3.0"
"defect" : [ }
[ },
"CSCvh75886", "problemtype": {
"CSCvh75949", "problemtype_data": [
"CSCvi96549", {
"CSCvi96551", "description": [
"CSCvi96554", {
"CSCvi96559" "lang": "eng",
] "value": "CWE-264"
], }
"discovery" : "INTERNAL" ]
} }
} ]
},
"references": {
"reference_data": [
{
"name": "107399",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107399"
},
{
"name": "20190306 Cisco FXOS and NX-OS Software Unauthorized Directory Access Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-directory"
},
{
"name": "107404",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107404"
}
]
},
"source": {
"advisory": "cisco-sa-20190306-nxos-directory",
"defect": [
[
"CSCvh75886",
"CSCvh75949",
"CSCvi96549",
"CSCvi96551",
"CSCvi96554",
"CSCvi96559"
]
],
"discovery": "INTERNAL"
}
}

202
2019/1xxx/CVE-2019-1671.json
View File

@ -1,103 +1,103 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC" : "2019-02-06T16:00:00-0800", "DATE_PUBLIC": "2019-02-06T16:00:00-0800",
"ID" : "CVE-2019-1671", "ID": "CVE-2019-1671",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Cisco Firepower Management Center Cross-Site Scripting Vulnerability" "TITLE": "Cisco Firepower Management Center Cross-Site Scripting Vulnerability"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco Firepower Management Center ", "product_name": "Cisco Firepower Management Center ",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.1" "version_value": "6.1"
}, },
{ {
"version_value" : "6.2" "version_value": "6.2"
}, },
{ {
"version_value" : "6.3" "version_value": "6.3"
}, },
{ {
"version_value" : "6.4" "version_value": "6.4"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cisco" "vendor_name": "Cisco"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact" : {
"cvss" : {
"baseScore" : "6.1",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N ",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-79"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20190206 Cisco Firepower Management Center Cross-Site Scripting Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-fmc-xss" "lang": "eng",
}, "value": "A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
{ }
"name" : "106927", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106927" "exploit": [
} {
] "lang": "eng",
}, "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
"source" : { }
"advisory" : "cisco-sa-20190206-fmc-xss", ],
"defect" : [ "impact": {
[ "cvss": {
"CSCvn05797" "baseScore": "6.1",
] "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N ",
], "version": "3.0"
"discovery" : "INTERNAL" }
} },
} "problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106927",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106927"
},
{
"name": "20190206 Cisco Firepower Management Center Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-fmc-xss"
}
]
},
"source": {
"advisory": "cisco-sa-20190206-fmc-xss",
"defect": [
[
"CSCvn05797"
]
],
"discovery": "INTERNAL"
}
}

34
2019/1xxx/CVE-2019-1737.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1737", "ID": "CVE-2019-1737",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4157.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4157", "ID": "CVE-2019-4157",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4430.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4430", "ID": "CVE-2019-4430",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4590.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4590", "ID": "CVE-2019-4590",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4624.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4624", "ID": "CVE-2019-4624",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5073.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5073", "ID": "CVE-2019-5073",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5159.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5159", "ID": "CVE-2019-5159",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5466.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5466", "ID": "CVE-2019-5466",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5813.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5813", "ID": "CVE-2019-5813",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9294.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9294", "ID": "CVE-2019-9294",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }