admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:48:53 +00:00
parent eadb0f5b71
commit bd9c6eb038
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
65 changed files with 3725 additions and 3725 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

150
2007/0xxx/CVE-2007-0495.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0495",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in include/config.inc.php in PhpSherpa allows remote attackers to execute arbitrary PHP code via a URL in the racine parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3161",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3161"
},
{
"name" : "ADV-2007-0263",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0263"
},
{
"name" : "31599",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/31599"
},
{
"name" : "23817",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23817"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in include/config.inc.php in PhpSherpa allows remote attackers to execute arbitrary PHP code via a URL in the racine parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0263",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0263"
},
{
"name": "23817",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23817"
},
{
"name": "3161",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3161"
},
{
"name": "31599",
"refsource": "OSVDB",
"url": "http://osvdb.org/31599"
}
]
}
}

190
2007/0xxx/CVE-2007-0741.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0741",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in natd in network_cmds in Apple Mac OS X 10.3.9 through 10.4.9, when Internet Sharing is enabled, allows remote attackers to execute arbitrary code via malformed RTSP packets."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0741",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://docs.info.apple.com/article.html?artnum=305391",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name" : "APPLE-SA-2007-04-19",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name" : "TA07-109A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name" : "23569",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23569"
},
{
"name" : "ADV-2007-1470",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1470"
},
{
"name" : "34865",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34865"
},
{
"name" : "1017942",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017942"
},
{
"name" : "24966",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24966"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in natd in network_cmds in Apple Mac OS X 10.3.9 through 10.4.9, when Internet Sharing is enabled, allows remote attackers to execute arbitrary code via malformed RTSP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24966",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24966"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305391",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name": "23569",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23569"
},
{
"name": "1017942",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017942"
},
{
"name": "TA07-109A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name": "34865",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34865"
},
{
"name": "APPLE-SA-2007-04-19",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "ADV-2007-1470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1470"
}
]
}
}

200
2007/1xxx/CVE-2007-1474.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1474",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privileges via multiple space-delimited pathnames."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1474",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070315 Horde Project Cleanup Script Arbitrary File Deletion Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=489"
},
{
"name" : "[announce] 20070314 Horde 3.1.4 (final)",
"refsource" : "MLIST",
"url" : "http://lists.horde.org/archives/announce/2007/000315.html"
},
{
"name" : "DSA-1406",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1406"
},
{
"name" : "22985",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22985"
},
{
"name" : "ADV-2007-0965",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0965"
},
{
"name" : "1017784",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017784"
},
{
"name" : "1017785",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017785"
},
{
"name" : "27565",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27565"
},
{
"name" : "horde-cron-file-deletion(32997)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32997"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privileges via multiple space-delimited pathnames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070315 Horde Project Cleanup Script Arbitrary File Deletion Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=489"
},
{
"name": "1017784",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017784"
},
{
"name": "27565",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27565"
},
{
"name": "horde-cron-file-deletion(32997)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32997"
},
{
"name": "22985",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22985"
},
{
"name": "1017785",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017785"
},
{
"name": "DSA-1406",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1406"
},
{
"name": "ADV-2007-0965",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0965"
},
{
"name": "[announce] 20070314 Horde 3.1.4 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2007/000315.html"
}
]
}
}

150
2007/3xxx/CVE-2007-3570.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3570",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Linux Access Gateway in Novell Access Manager before 3.0 SP1 Release Candidate 1 (RC1) allows remote attackers to bypass unspecified security controls via Fullwidth/Halfwidth Unicode encoded data in a HTTP POST request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.novell.com/documentation/novellaccessmanager/readme/accessmanager_readme.html#ban5hsz",
"refsource" : "CONFIRM",
"url" : "http://www.novell.com/documentation/novellaccessmanager/readme/accessmanager_readme.html#ban5hsz"
},
{
"name" : "https://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html",
"refsource" : "CONFIRM",
"url" : "https://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html"
},
{
"name" : "ADV-2007-2390",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2390"
},
{
"name" : "ADV-2007-3075",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3075"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Linux Access Gateway in Novell Access Manager before 3.0 SP1 Release Candidate 1 (RC1) allows remote attackers to bypass unspecified security controls via Fullwidth/Halfwidth Unicode encoded data in a HTTP POST request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2390",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2390"
},
{
"name": "ADV-2007-3075",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3075"
},
{
"name": "http://www.novell.com/documentation/novellaccessmanager/readme/accessmanager_readme.html#ban5hsz",
"refsource": "CONFIRM",
"url": "http://www.novell.com/documentation/novellaccessmanager/readme/accessmanager_readme.html#ban5hsz"
},
{
"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html"
}
]
}
}

140
2007/3xxx/CVE-2007-3617.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3617",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The report module in vtiger CRM before 5.0.3 does not properly apply security rules, which allows remote authenticated users to read arbitrary private module entries."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3617",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://trac.vtiger.com/cgi-bin/trac.cgi/report/9",
"refsource" : "CONFIRM",
"url" : "http://trac.vtiger.com/cgi-bin/trac.cgi/report/9"
},
{
"name" : "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/2692",
"refsource" : "CONFIRM",
"url" : "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/2692"
},
{
"name" : "45804",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/45804"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The report module in vtiger CRM before 5.0.3 does not properly apply security rules, which allows remote authenticated users to read arbitrary private module entries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://trac.vtiger.com/cgi-bin/trac.cgi/report/9",
"refsource": "CONFIRM",
"url": "http://trac.vtiger.com/cgi-bin/trac.cgi/report/9"
},
{
"name": "45804",
"refsource": "OSVDB",
"url": "http://osvdb.org/45804"
},
{
"name": "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/2692",
"refsource": "CONFIRM",
"url": "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/2692"
}
]
}
}

170
2007/3xxx/CVE-2007-3684.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3684",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating Bar before 1.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) q and (2) t parameters in (a) db.php and (b) rpc.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3684",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.cirt.net/advisories/unobtrusive_ajax_star_rating.shtml",
"refsource" : "MISC",
"url" : "http://www.cirt.net/advisories/unobtrusive_ajax_star_rating.shtml"
},
{
"name" : "24840",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24840"
},
{
"name" : "35933",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/35933"
},
{
"name" : "35934",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/35934"
},
{
"name" : "25985",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25985"
},
{
"name" : "unobtrusive-ajax-dbrpc-sql-injection(35328)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35328"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating Bar before 1.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) q and (2) t parameters in (a) db.php and (b) rpc.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25985"
},
{
"name": "http://www.cirt.net/advisories/unobtrusive_ajax_star_rating.shtml",
"refsource": "MISC",
"url": "http://www.cirt.net/advisories/unobtrusive_ajax_star_rating.shtml"
},
{
"name": "35934",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/35934"
},
{
"name": "24840",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24840"
},
{
"name": "unobtrusive-ajax-dbrpc-sql-injection(35328)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35328"
},
{
"name": "35933",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/35933"
}
]
}
}

170
2007/3xxx/CVE-2007-3906.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3906",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Kaspersky Anti-Virus for Check Point FireWall-1 before Critical Fix 1 (5.5.161.0) might allow attackers to cause a denial of service (kernel hang) via unspecified vectors. NOTE: it is not clear whether there is an attacker role."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3906",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://support.kaspersky.com/checkpoint?qid=208279464",
"refsource" : "CONFIRM",
"url" : "http://support.kaspersky.com/checkpoint?qid=208279464"
},
{
"name" : "24932",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24932"
},
{
"name" : "ADV-2007-2561",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2561"
},
{
"name" : "36127",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36127"
},
{
"name" : "26064",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26064"
},
{
"name" : "kaspersky-checkpoint-unspecified-dos(35454)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35454"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Kaspersky Anti-Virus for Check Point FireWall-1 before Critical Fix 1 (5.5.161.0) might allow attackers to cause a denial of service (kernel hang) via unspecified vectors. NOTE: it is not clear whether there is an attacker role."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.kaspersky.com/checkpoint?qid=208279464",
"refsource": "CONFIRM",
"url": "http://support.kaspersky.com/checkpoint?qid=208279464"
},
{
"name": "24932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24932"
},
{
"name": "26064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26064"
},
{
"name": "kaspersky-checkpoint-unspecified-dos(35454)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35454"
},
{
"name": "36127",
"refsource": "OSVDB",
"url": "http://osvdb.org/36127"
},
{
"name": "ADV-2007-2561",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2561"
}
]
}
}

130
2007/4xxx/CVE-2007-4080.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4080",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php AlstraSoft E-Friends allows remote attackers to inject arbitrary web script or HTML via the p_id parameter in a people_card action. NOTE: this might overlap CVE-2006-2564."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4080",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html",
"refsource" : "MISC",
"url" : "http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html"
},
{
"name" : "37266",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37266"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php AlstraSoft E-Friends allows remote attackers to inject arbitrary web script or HTML via the p_id parameter in a people_card action. NOTE: this might overlap CVE-2006-2564."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html",
"refsource": "MISC",
"url": "http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html"
},
{
"name": "37266",
"refsource": "OSVDB",
"url": "http://osvdb.org/37266"
}
]
}
}

190
2007/4xxx/CVE-2007-4125.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4125",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4125",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "HPSBUX02248",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01087206"
},
{
"name" : "SSRT071437",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01087206"
},
{
"name" : "25147",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25147"
},
{
"name" : "oval:org.mitre.oval:def:5243",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5243"
},
{
"name" : "ADV-2007-2728",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2728"
},
{
"name" : "1018482",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018482"
},
{
"name" : "26279",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26279"
},
{
"name" : "hpux-arpatransport-dos(35702)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35702"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25147",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25147"
},
{
"name": "26279",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26279"
},
{
"name": "1018482",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018482"
},
{
"name": "oval:org.mitre.oval:def:5243",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5243"
},
{
"name": "HPSBUX02248",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01087206"
},
{
"name": "ADV-2007-2728",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2728"
},
{
"name": "SSRT071437",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01087206"
},
{
"name": "hpux-arpatransport-dos(35702)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35702"
}
]
}
}

180
2007/4xxx/CVE-2007-4289.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4289",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Sun Java System Portal Server 7.0 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3715."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4289",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070712 Whitepaper: Command Injection in XML Digital Signatures and Encryption",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/473553/100/0/threaded"
},
{
"name" : "http://www.isecpartners.com/advisories/2007-04-dsig.txt",
"refsource" : "MISC",
"url" : "http://www.isecpartners.com/advisories/2007-04-dsig.txt"
},
{
"name" : "http://www.isecpartners.com/files/XMLDSIG_Command_Injection.pdf",
"refsource" : "MISC",
"url" : "http://www.isecpartners.com/files/XMLDSIG_Command_Injection.pdf"
},
{
"name" : "103015",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103015-1"
},
{
"name" : "1018513",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1018513"
},
{
"name" : "26327",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26327"
},
{
"name" : "sun-jsps-xslt-code-execution(35811)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35811"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sun Java System Portal Server 7.0 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3715."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070712 Whitepaper: Command Injection in XML Digital Signatures and Encryption",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/473553/100/0/threaded"
},
{
"name": "http://www.isecpartners.com/files/XMLDSIG_Command_Injection.pdf",
"refsource": "MISC",
"url": "http://www.isecpartners.com/files/XMLDSIG_Command_Injection.pdf"
},
{
"name": "26327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26327"
},
{
"name": "sun-jsps-xslt-code-execution(35811)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35811"
},
{
"name": "1018513",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018513"
},
{
"name": "http://www.isecpartners.com/advisories/2007-04-dsig.txt",
"refsource": "MISC",
"url": "http://www.isecpartners.com/advisories/2007-04-dsig.txt"
},
{
"name": "103015",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103015-1"
}
]
}
}

210
2007/4xxx/CVE-2007-4391.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4391",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in Kakadu kdu_v32m.dll in Yahoo! Messenger 8.1.0.413 allows remote attackers to cause a denial of service (application crash) via a certain length field in JPEG2000 data, as demonstrated by sending an \"invite to view my webcam\" request, and then injecting a DLL into the attacker's peer Yahoo! Messenger application when this request is accepted."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4391",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.team509.com/expyahoo.rar",
"refsource" : "MISC",
"url" : "http://www.team509.com/expyahoo.rar"
},
{
"name" : "https://www.xfocus.net/bbs/index.php?act=ST&f=2&t=64639&page=1#entry321749",
"refsource" : "MISC",
"url" : "https://www.xfocus.net/bbs/index.php?act=ST&f=2&t=64639&page=1#entry321749"
},
{
"name" : "http://www.avertlabs.com/research/blog/index.php/2007/08/15/more-on-the-yahoo-messenger-webcam-0day/",
"refsource" : "MISC",
"url" : "http://www.avertlabs.com/research/blog/index.php/2007/08/15/more-on-the-yahoo-messenger-webcam-0day/"
},
{
"name" : "VU#515968",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/515968"
},
{
"name" : "25330",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25330"
},
{
"name" : "ADV-2007-2917",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2917"
},
{
"name" : "38221",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38221"
},
{
"name" : "1018586",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018586"
},
{
"name" : "26501",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26501"
},
{
"name" : "yahoo-messenger-webcam-bo(36115)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36115"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Kakadu kdu_v32m.dll in Yahoo! Messenger 8.1.0.413 allows remote attackers to cause a denial of service (application crash) via a certain length field in JPEG2000 data, as demonstrated by sending an \"invite to view my webcam\" request, and then injecting a DLL into the attacker's peer Yahoo! Messenger application when this request is accepted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2917",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2917"
},
{
"name": "yahoo-messenger-webcam-bo(36115)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36115"
},
{
"name": "VU#515968",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/515968"
},
{
"name": "http://www.avertlabs.com/research/blog/index.php/2007/08/15/more-on-the-yahoo-messenger-webcam-0day/",
"refsource": "MISC",
"url": "http://www.avertlabs.com/research/blog/index.php/2007/08/15/more-on-the-yahoo-messenger-webcam-0day/"
},
{
"name": "http://www.team509.com/expyahoo.rar",
"refsource": "MISC",
"url": "http://www.team509.com/expyahoo.rar"
},
{
"name": "26501",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26501"
},
{
"name": "25330",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25330"
},
{
"name": "38221",
"refsource": "OSVDB",
"url": "http://osvdb.org/38221"
},
{
"name": "1018586",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018586"
},
{
"name": "https://www.xfocus.net/bbs/index.php?act=ST&f=2&t=64639&page=1#entry321749",
"refsource": "MISC",
"url": "https://www.xfocus.net/bbs/index.php?act=ST&f=2&t=64639&page=1#entry321749"
}
]
}
}

180
2007/4xxx/CVE-2007-4873.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4873",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SimpNews 2.41.03 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download arbitrary .inc files via a direct request, as demonstrated by admin/includes/dbtables.inc."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4873",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070925 SimpNews version 2.41.03 File Content Disclosure Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/480601/100/0/threaded"
},
{
"name" : "20070925 SimpNews version 2.41.03 File Content Disclosure Vulnerability",
"refsource" : "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/066056.html"
},
{
"name" : "http://www.netvigilance.com/advisory0069",
"refsource" : "MISC",
"url" : "http://www.netvigilance.com/advisory0069"
},
{
"name" : "http://forum.boesch-it.de/viewtopic.php?t=2791",
"refsource" : "CONFIRM",
"url" : "http://forum.boesch-it.de/viewtopic.php?t=2791"
},
{
"name" : "45479",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/45479"
},
{
"name" : "3173",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3173"
},
{
"name" : "simpnews-dbtables-information-disclosure(36778)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36778"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SimpNews 2.41.03 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download arbitrary .inc files via a direct request, as demonstrated by admin/includes/dbtables.inc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "simpnews-dbtables-information-disclosure(36778)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36778"
},
{
"name": "20070925 SimpNews version 2.41.03 File Content Disclosure Vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/066056.html"
},
{
"name": "http://forum.boesch-it.de/viewtopic.php?t=2791",
"refsource": "CONFIRM",
"url": "http://forum.boesch-it.de/viewtopic.php?t=2791"
},
{
"name": "3173",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3173"
},
{
"name": "45479",
"refsource": "OSVDB",
"url": "http://osvdb.org/45479"
},
{
"name": "20070925 SimpNews version 2.41.03 File Content Disclosure Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480601/100/0/threaded"
},
{
"name": "http://www.netvigilance.com/advisory0069",
"refsource": "MISC",
"url": "http://www.netvigilance.com/advisory0069"
}
]
}
}

140
2014/5xxx/CVE-2014-5286.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5286",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ActiveMatrix Policy Manager Authentication module in TIBCO ActiveMatrix Policy Agent 3.x before 3.1.2, ActiveMatrix Policy Manager 3.x before 3.1.2, ActiveMatrix Management Agent 1.x before 1.2.1 for WCF, and ActiveMatrix Management Agent 1.x before 1.2.1 for WebSphere allows remote attackers to gain privileges and obtain sensitive information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.tibco.com/assets/blt1b18947cad32d1c4/2014-007-advisory.txt",
"refsource" : "CONFIRM",
"url" : "http://www.tibco.com/assets/blt1b18947cad32d1c4/2014-007-advisory.txt"
},
{
"name" : "http://www.tibco.com/mk/advisory.jsp",
"refsource" : "CONFIRM",
"url" : "http://www.tibco.com/mk/advisory.jsp"
},
{
"name" : "http://www.tibco.com/services/support/advisories/activematrix-advisory_20150218",
"refsource" : "CONFIRM",
"url" : "http://www.tibco.com/services/support/advisories/activematrix-advisory_20150218"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ActiveMatrix Policy Manager Authentication module in TIBCO ActiveMatrix Policy Agent 3.x before 3.1.2, ActiveMatrix Policy Manager 3.x before 3.1.2, ActiveMatrix Management Agent 1.x before 1.2.1 for WCF, and ActiveMatrix Management Agent 1.x before 1.2.1 for WebSphere allows remote attackers to gain privileges and obtain sensitive information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/assets/blt1b18947cad32d1c4/2014-007-advisory.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/assets/blt1b18947cad32d1c4/2014-007-advisory.txt"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "http://www.tibco.com/services/support/advisories/activematrix-advisory_20150218",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/services/support/advisories/activematrix-advisory_20150218"
}
]
}
}

140
2014/5xxx/CVE-2014-5441.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5441",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in app/views/layouts/application.html.haml in Fat Free CRM before 0.13.3 allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) first name, or (3) last name in a (a) create or (b) edit user action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5441",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.com/files/127978/Fatt-Free-CRM-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/127978/Fatt-Free-CRM-Cross-Site-Scripting.html"
},
{
"name" : "https://github.com/fatfreecrm/fat_free_crm/commit/95464495f1e3e714d5c295fe621af5d2e0d4238d",
"refsource" : "CONFIRM",
"url" : "https://github.com/fatfreecrm/fat_free_crm/commit/95464495f1e3e714d5c295fe621af5d2e0d4238d"
},
{
"name" : "https://github.com/fatfreecrm/fat_free_crm/wiki/XSS-vulnerability-%2826th-August-2014%29",
"refsource" : "CONFIRM",
"url" : "https://github.com/fatfreecrm/fat_free_crm/wiki/XSS-vulnerability-%2826th-August-2014%29"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in app/views/layouts/application.html.haml in Fat Free CRM before 0.13.3 allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) first name, or (3) last name in a (a) create or (b) edit user action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/fatfreecrm/fat_free_crm/wiki/XSS-vulnerability-%2826th-August-2014%29",
"refsource": "CONFIRM",
"url": "https://github.com/fatfreecrm/fat_free_crm/wiki/XSS-vulnerability-%2826th-August-2014%29"
},
{
"name": "http://packetstormsecurity.com/files/127978/Fatt-Free-CRM-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127978/Fatt-Free-CRM-Cross-Site-Scripting.html"
},
{
"name": "https://github.com/fatfreecrm/fat_free_crm/commit/95464495f1e3e714d5c295fe621af5d2e0d4238d",
"refsource": "CONFIRM",
"url": "https://github.com/fatfreecrm/fat_free_crm/commit/95464495f1e3e714d5c295fe621af5d2e0d4238d"
}
]
}
}

140
2014/5xxx/CVE-2014-5653.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5653",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Unblock Me FREE (aka com.kiragames.unblockmefree) application 1.4.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5653",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#993545",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/993545"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Unblock Me FREE (aka com.kiragames.unblockmefree) application 1.4.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#993545",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/993545"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2014/5xxx/CVE-2014-5771.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5771",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Credit Union of Texas Mobile (aka Fi_Mobile.CUOT) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5771",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#498017",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/498017"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Credit Union of Texas Mobile (aka Fi_Mobile.CUOT) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#498017",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/498017"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2015/2xxx/CVE-2015-2046.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2046",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in MantisBT 1.2.13 and later before 1.2.20."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20150220 Re: CVE request: XSS in MantisBT",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/02/21/1"
},
{
"name" : "[oss-security] 20150221 RE: CVE request: XSS in MantisBT",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/02/21/2"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1191130",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1191130"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in MantisBT 1.2.13 and later before 1.2.20."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1191130",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191130"
},
{
"name": "[oss-security] 20150221 RE: CVE request: XSS in MantisBT",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/21/2"
},
{
"name": "[oss-security] 20150220 Re: CVE request: XSS in MantisBT",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/21/1"
}
]
}
}

310
2015/2xxx/CVE-2015-2736.json
View File

@ -1,157 +1,157 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2736",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2015-2736",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-66.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-66.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1167888",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1167888"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name" : "DSA-3324",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3324"
},
{
"name" : "DSA-3300",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3300"
},
{
"name" : "GLSA-201512-10",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201512-10"
},
{
"name" : "RHSA-2015:1455",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1455.html"
},
{
"name" : "RHSA-2015:1207",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1207.html"
},
{
"name" : "SUSE-SU-2015:1268",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html"
},
{
"name" : "SUSE-SU-2015:1269",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html"
},
{
"name" : "SUSE-SU-2015:1449",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html"
},
{
"name" : "openSUSE-SU-2015:1266",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
},
{
"name" : "openSUSE-SU-2015:1229",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html"
},
{
"name" : "USN-2673-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2673-1"
},
{
"name" : "USN-2656-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2656-1"
},
{
"name" : "USN-2656-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2656-2"
},
{
"name" : "75541",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75541"
},
{
"name" : "1032783",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032783"
},
{
"name" : "1032784",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032784"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2015:1229",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html"
},
{
"name": "RHSA-2015:1455",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1455.html"
},
{
"name": "SUSE-SU-2015:1268",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html"
},
{
"name": "GLSA-201512-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201512-10"
},
{
"name": "75541",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75541"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "DSA-3324",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3324"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1167888",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1167888"
},
{
"name": "USN-2673-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2673-1"
},
{
"name": "1032784",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032784"
},
{
"name": "RHSA-2015:1207",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1207.html"
},
{
"name": "http://www.mozilla.org/security/announce/2015/mfsa2015-66.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-66.html"
},
{
"name": "SUSE-SU-2015:1269",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html"
},
{
"name": "openSUSE-SU-2015:1266",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
},
{
"name": "USN-2656-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2656-1"
},
{
"name": "SUSE-SU-2015:1449",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html"
},
{
"name": "1032783",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032783"
},
{
"name": "DSA-3300",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3300"
},
{
"name": "USN-2656-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2656-2"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
}

150
2015/2xxx/CVE-2015-2948.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2948",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the image processor in Zenphoto before 1.4.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-2948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.zenphoto.org/news/zenphoto-1.4.8",
"refsource" : "CONFIRM",
"url" : "http://www.zenphoto.org/news/zenphoto-1.4.8"
},
{
"name" : "JVN#68452022",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN68452022/index.html"
},
{
"name" : "JVNDB-2015-000070",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000070"
},
{
"name" : "74895",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74895"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the image processor in Zenphoto before 1.4.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#68452022",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN68452022/index.html"
},
{
"name": "http://www.zenphoto.org/news/zenphoto-1.4.8",
"refsource": "CONFIRM",
"url": "http://www.zenphoto.org/news/zenphoto-1.4.8"
},
{
"name": "JVNDB-2015-000070",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000070"
},
{
"name": "74895",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74895"
}
]
}
}

140
2015/2xxx/CVE-2015-2981.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2981",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Yodobashi App for Android 1.2.1.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-2981",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "JVN#29053368",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN29053368/index.html"
},
{
"name" : "JVNDB-2015-000111",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000111.html"
},
{
"name" : "76266",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/76266"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Yodobashi App for Android 1.2.1.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#29053368",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN29053368/index.html"
},
{
"name": "76266",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76266"
},
{
"name": "JVNDB-2015-000111",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000111.html"
}
]
}
}

140
2015/6xxx/CVE-2015-6052.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6052",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka \"VBScript and JScript ASLR Bypass.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-6052",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS15-106",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106"
},
{
"name" : "MS15-108",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-108"
},
{
"name" : "1033800",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033800"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka \"VBScript and JScript ASLR Bypass.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS15-108",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-108"
},
{
"name": "1033800",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033800"
},
{
"name": "MS15-106",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106"
}
]
}
}

140
2015/6xxx/CVE-2015-6321.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6321",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Email Security Appliance (ESA) devices; before 9.1.0-032, 9.1.1 before 9.1.1-005, and 9.5.x before 9.5.0-025 on Content Security Management Appliance (SMA) devices; and before 7.7.0-725 and 8.x before 8.0.8-113 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets, aka Bug IDs CSCus79774, CSCus79777, and CSCzv95795."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20151104 Cisco AsyncOS TCP Flood Denial of Service Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-aos"
},
{
"name" : "1034060",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034060"
},
{
"name" : "1034061",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034061"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Email Security Appliance (ESA) devices; before 9.1.0-032, 9.1.1 before 9.1.1-005, and 9.5.x before 9.5.0-025 on Content Security Management Appliance (SMA) devices; and before 7.7.0-725 and 8.x before 8.0.8-113 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets, aka Bug IDs CSCus79774, CSCus79777, and CSCzv95795."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20151104 Cisco AsyncOS TCP Flood Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-aos"
},
{
"name": "1034060",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034060"
},
{
"name": "1034061",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034061"
}
]
}
}

34
2015/6xxx/CVE-2015-6453.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6453",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-6453",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}

130
2015/6xxx/CVE-2015-6538.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6538",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The login page in Epiphany Cardio Server 3.3, 4.0, and 4.1 mishandles authentication requests, which allows remote attackers to conduct LDAP injection attacks, and consequently bypass intended access restrictions, via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.epiphanyhealthdata.com/blog/certresponse",
"refsource" : "CONFIRM",
"url" : "http://www.epiphanyhealthdata.com/blog/certresponse"
},
{
"name" : "VU#630239",
"refsource" : "CERT-VN",
"url" : "https://www.kb.cert.org/vuls/id/630239"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The login page in Epiphany Cardio Server 3.3, 4.0, and 4.1 mishandles authentication requests, which allows remote attackers to conduct LDAP injection attacks, and consequently bypass intended access restrictions, via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.epiphanyhealthdata.com/blog/certresponse",
"refsource": "CONFIRM",
"url": "http://www.epiphanyhealthdata.com/blog/certresponse"
},
{
"name": "VU#630239",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/630239"
}
]
}
}

340
2015/6xxx/CVE-2015-6787.json
View File

@ -1,172 +1,172 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6787",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.73 allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-6787",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "39162",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/39162/"
},
{
"name" : "39163",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/39163/"
},
{
"name" : "39165",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/39165/"
},
{
"name" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=525330",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=525330"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=526286",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=526286"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=526441",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=526441"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=529554",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=529554"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=534621",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=534621"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=537823",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=537823"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=540949",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=540949"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=545173",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=545173"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=551460",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=551460"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=551503",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=551503"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=552046",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=552046"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=554115",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=554115"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=554151",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=554151"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=563930",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=563930"
},
{
"name" : "GLSA-201603-09",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201603-09"
},
{
"name" : "openSUSE-SU-2015:2290",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html"
},
{
"name" : "openSUSE-SU-2015:2291",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html"
},
{
"name" : "USN-2825-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2825-1"
},
{
"name" : "1034298",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034298"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.73 allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://code.google.com/p/chromium/issues/detail?id=526286",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=526286"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=554151",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=554151"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=551503",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=551503"
},
{
"name": "39163",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39163/"
},
{
"name": "39165",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39165/"
},
{
"name": "39162",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39162/"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=552046",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=552046"
},
{
"name": "USN-2825-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2825-1"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=526441",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=526441"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=525330",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=525330"
},
{
"name": "openSUSE-SU-2015:2290",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=551460",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=551460"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=534621",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=534621"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=545173",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=545173"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=563930",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=563930"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=529554",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=529554"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=540949",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=540949"
},
{
"name": "GLSA-201603-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=554115",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=554115"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=537823",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=537823"
},
{
"name": "openSUSE-SU-2015:2291",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html"
},
{
"name": "1034298",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034298"
}
]
}
}

160
2015/6xxx/CVE-2015-6923.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6923",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ndvbs module in VBox Communications Satellite Express Protocol 2.3.17.3 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x00000ffd ioctl call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6923",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20150917 KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/536491/100/0/threaded"
},
{
"name" : "38225",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/38225/"
},
{
"name" : "20150917 KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Sep/72"
},
{
"name" : "https://www.korelogic.com/Resources/Advisories/KL-001-2015-005.txt",
"refsource" : "MISC",
"url" : "https://www.korelogic.com/Resources/Advisories/KL-001-2015-005.txt"
},
{
"name" : "http://packetstormsecurity.com/files/133620/VBox-Satellite-Express-Arbitrary-Write-Privilege-Escalation.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/133620/VBox-Satellite-Express-Arbitrary-Write-Privilege-Escalation.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ndvbs module in VBox Communications Satellite Express Protocol 2.3.17.3 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x00000ffd ioctl call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150917 KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Sep/72"
},
{
"name": "http://packetstormsecurity.com/files/133620/VBox-Satellite-Express-Arbitrary-Write-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/133620/VBox-Satellite-Express-Arbitrary-Write-Privilege-Escalation.html"
},
{
"name": "38225",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38225/"
},
{
"name": "20150917 KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536491/100/0/threaded"
},
{
"name": "https://www.korelogic.com/Resources/Advisories/KL-001-2015-005.txt",
"refsource": "MISC",
"url": "https://www.korelogic.com/Resources/Advisories/KL-001-2015-005.txt"
}
]
}
}

130
2015/7xxx/CVE-2015-7432.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7432",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Capacity Management Analytics 2.1.0.0 allows local users to decrypt usernames and passwords by leveraging access to setenv.sh and parameter.txt. IBM X-Force ID: 107861."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-7432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21974558",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21974558"
},
{
"name" : "ibm-cma-cve20157432-info-disc(107861)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/107861"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Capacity Management Analytics 2.1.0.0 allows local users to decrypt usernames and passwords by leveraging access to setenv.sh and parameter.txt. IBM X-Force ID: 107861."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21974558",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21974558"
},
{
"name": "ibm-cma-cve20157432-info-disc(107861)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/107861"
}
]
}
}

34
2015/7xxx/CVE-2015-7747.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7747",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7747",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

130
2015/7xxx/CVE-2015-7826.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7826",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://botan.randombit.net/security.html#id3",
"refsource" : "CONFIRM",
"url" : "https://botan.randombit.net/security.html#id3"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1311620",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1311620"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "botan 1.11.x before 1.11.22 improperly handles wildcard matching against hostnames, which might allow remote attackers to have unspecified impact via a valid X.509 certificate, as demonstrated by accepting *.example.com as a match for bar.foo.example.com."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1311620",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311620"
},
{
"name": "https://botan.randombit.net/security.html#id3",
"refsource": "CONFIRM",
"url": "https://botan.randombit.net/security.html#id3"
}
]
}
}

34
2015/7xxx/CVE-2015-7883.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7883",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7883",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

130
2016/0xxx/CVE-2016-0431.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0431",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2016-0419."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-0431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name" : "1034735",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034735"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2016-0419."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "1034735",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034735"
}
]
}
}

150
2016/0xxx/CVE-2016-0770.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com",
"ID" : "CVE-2016-0770",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in includes/admin/pages/manage.php in the Connections Business Directory plugin before 8.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s variable."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-0770",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20160201 Wordpress plugin Reflected XSS in connections v8.5.8",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/02/02/1"
},
{
"name" : "http://www.vapidlabs.com/advisory.php?v=161",
"refsource" : "MISC",
"url" : "http://www.vapidlabs.com/advisory.php?v=161"
},
{
"name" : "https://wordpress.org/plugins/connections/changelog/",
"refsource" : "CONFIRM",
"url" : "https://wordpress.org/plugins/connections/changelog/"
},
{
"name" : "82355",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/82355"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in includes/admin/pages/manage.php in the Connections Business Directory plugin before 8.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vapidlabs.com/advisory.php?v=161",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=161"
},
{
"name": "https://wordpress.org/plugins/connections/changelog/",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/connections/changelog/"
},
{
"name": "[oss-security] 20160201 Wordpress plugin Reflected XSS in connections v8.5.8",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/02/02/1"
},
{
"name": "82355",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/82355"
}
]
}
}

120
2016/0xxx/CVE-2016-0878.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0878",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to cause a denial of service (cold start) by sending two crafted ping requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-0878",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to cause a denial of service (cold start) by sending two crafted ping requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01"
}
]
}
}

140
2016/0xxx/CVE-2016-0895.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security_alert@emc.com",
"ID" : "CVE-2016-0895",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers to conduct clickjacking attacks via web-site elements with crafted transparency or opacity."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2016-0895",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20160502 ESA-2016-041: RSA Data Loss Prevention Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://seclists.org/bugtraq/2016/May/9"
},
{
"name" : "http://packetstormsecurity.com/files/136888/RSA-Data-Loss-Prevention-XSS-Information-Disclosure.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/136888/RSA-Data-Loss-Prevention-XSS-Information-Disclosure.html"
},
{
"name" : "1035714",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035714"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers to conduct clickjacking attacks via web-site elements with crafted transparency or opacity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160502 ESA-2016-041: RSA Data Loss Prevention Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2016/May/9"
},
{
"name": "1035714",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035714"
},
{
"name": "http://packetstormsecurity.com/files/136888/RSA-Data-Loss-Prevention-XSS-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/136888/RSA-Data-Loss-Prevention-XSS-Information-Disclosure.html"
}
]
}
}

34
2016/1000xxx/CVE-2016-1000164.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1000164",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1000164",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

260
2016/10xxx/CVE-2016-10009.json
View File

@ -1,132 +1,132 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10009",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "40963",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/40963/"
},
{
"name" : "[oss-security] 20161219 Announce: OpenSSH 7.4 released",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/12/19/2"
},
{
"name" : "[debian-lts-announce] 20180910 [SECURITY] [DLA 1500-1] openssh security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html"
},
{
"name" : "http://packetstormsecurity.com/files/140261/OpenSSH-Arbitrary-Library-Loading.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/140261/OpenSSH-Arbitrary-Library-Loading.html"
},
{
"name" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=1009",
"refsource" : "MISC",
"url" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=1009"
},
{
"name" : "https://github.com/openbsd/src/commit/9476ce1dd37d3c3218d5640b74c34c65e5f4efe5",
"refsource" : "CONFIRM",
"url" : "https://github.com/openbsd/src/commit/9476ce1dd37d3c3218d5640b74c34c65e5f4efe5"
},
{
"name" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637",
"refsource" : "CONFIRM",
"url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637"
},
{
"name" : "https://www.openssh.com/txt/release-7.4",
"refsource" : "CONFIRM",
"url" : "https://www.openssh.com/txt/release-7.4"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20171130-0002/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20171130-0002/"
},
{
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us",
"refsource" : "CONFIRM",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us"
},
{
"name" : "FreeBSD-SA-17:01",
"refsource" : "FREEBSD",
"url" : "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc"
},
{
"name" : "RHSA-2017:2029",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:2029"
},
{
"name" : "USN-3538-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3538-1/"
},
{
"name" : "94968",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94968"
},
{
"name" : "1037490",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037490"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/openbsd/src/commit/9476ce1dd37d3c3218d5640b74c34c65e5f4efe5",
"refsource": "CONFIRM",
"url": "https://github.com/openbsd/src/commit/9476ce1dd37d3c3218d5640b74c34c65e5f4efe5"
},
{
"name": "40963",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40963/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171130-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171130-0002/"
},
{
"name": "94968",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94968"
},
{
"name": "[oss-security] 20161219 Announce: OpenSSH 7.4 released",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/19/2"
},
{
"name": "1037490",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037490"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us"
},
{
"name": "FreeBSD-SA-17:01",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc"
},
{
"name": "USN-3538-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3538-1/"
},
{
"name": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637",
"refsource": "CONFIRM",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637"
},
{
"name": "RHSA-2017:2029",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2029"
},
{
"name": "http://packetstormsecurity.com/files/140261/OpenSSH-Arbitrary-Library-Loading.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/140261/OpenSSH-Arbitrary-Library-Loading.html"
},
{
"name": "[debian-lts-announce] 20180910 [SECURITY] [DLA 1500-1] openssh security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html"
},
{
"name": "https://www.openssh.com/txt/release-7.4",
"refsource": "CONFIRM",
"url": "https://www.openssh.com/txt/release-7.4"
},
{
"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1009",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1009"
}
]
}
}

142
2016/10xxx/CVE-2016-10235.json
View File

@ -1,73 +1,73 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"DATE_PUBLIC" : "2017-04-03T00:00:00",
"ID" : "CVE-2016-10235",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Android",
"version" : {
"version_data" : [
{
"version_value" : "Android kernel"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A denial of service vulnerability in the Qualcomm WiFi driver. Product: Android. Versions: Android kernel. Android ID: A-34390620. References: QC-CR#1046409."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of service"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"DATE_PUBLIC": "2017-04-03T00:00:00",
"ID": "CVE-2016-10235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android kernel"
}
]
}
}
]
},
"vendor_name": "Google Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2017-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-04-01"
},
{
"name" : "97361",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97361"
},
{
"name" : "1038201",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038201"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A denial of service vulnerability in the Qualcomm WiFi driver. Product: Android. Versions: Android kernel. Android ID: A-34390620. References: QC-CR#1046409."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-04-01"
},
{
"name": "97361",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97361"
},
{
"name": "1038201",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038201"
}
]
}
}

132
2016/10xxx/CVE-2016-10458.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00",
"ID" : "CVE-2016-10458",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Snapdragon Mobile",
"version" : {
"version_data" : [
{
"version_value" : "SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, and Snapdragon_High_Med_2016, the 'proper' solution for this will be to ensure that any users of qsee_log in the bootchain (before Linux boots) unallocate their buffers and clear the qsee_log pointer. Until support for that is implemented in TZ and the bootloader, enable tz_log to avoid potential scribbling. This solution will prevent the linux kernel memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Use of Uninitialized Variable in Core."
}
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2016-10458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Mobile",
"version": {
"version_data": [
{
"version_value": "SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name" : "103671",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103671"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, and Snapdragon_High_Med_2016, the 'proper' solution for this will be to ensure that any users of qsee_log in the bootchain (before Linux boots) unallocate their buffers and clear the qsee_log pointer. Until support for that is implemented in TZ and the bootloader, enable tz_log to avoid potential scribbling. This solution will prevent the linux kernel memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Uninitialized Variable in Core."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

170
2016/1xxx/CVE-2016-1543.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1543",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization failure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-1543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20160328 BMC-2015-0011: Unauthorized password reset vulnerability in BMC Server Automation (BSA) (CVE-2016-1543)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/537910/100/0/threaded"
},
{
"name" : "43902",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/43902/"
},
{
"name" : "43939",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/43939/"
},
{
"name" : "http://packetstormsecurity.com/files/136462/BMC-Server-Automation-BSA-RSCD-Agent-Unauthorized-Password-Reset.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/136462/BMC-Server-Automation-BSA-RSCD-Agent-Unauthorized-Password-Reset.html"
},
{
"name" : "https://www.insinuator.net/2016/03/bmc-bladelogic-cve-2016-1542-and-cve-2016-1543/",
"refsource" : "MISC",
"url" : "https://www.insinuator.net/2016/03/bmc-bladelogic-cve-2016-1542-and-cve-2016-1543/"
},
{
"name" : "https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE&type=Solution",
"refsource" : "CONFIRM",
"url" : "https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE&type=Solution"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization failure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.insinuator.net/2016/03/bmc-bladelogic-cve-2016-1542-and-cve-2016-1543/",
"refsource": "MISC",
"url": "https://www.insinuator.net/2016/03/bmc-bladelogic-cve-2016-1542-and-cve-2016-1543/"
},
{
"name": "20160328 BMC-2015-0011: Unauthorized password reset vulnerability in BMC Server Automation (BSA) (CVE-2016-1543)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537910/100/0/threaded"
},
{
"name": "43902",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43902/"
},
{
"name": "43939",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43939/"
},
{
"name": "http://packetstormsecurity.com/files/136462/BMC-Server-Automation-BSA-RSCD-Agent-Unauthorized-Password-Reset.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/136462/BMC-Server-Automation-BSA-RSCD-Agent-Unauthorized-Password-Reset.html"
},
{
"name": "https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE&type=Solution",
"refsource": "CONFIRM",
"url": "https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE&type=Solution"
}
]
}
}

180
2016/1xxx/CVE-2016-1621.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1621",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to libwebm/mkvparser.cpp and other files, aka internal bug 23452792."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1621",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://source.android.com/security/bulletin/2016-03-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-03-01.html"
},
{
"name" : "https://android.googlesource.com/platform/external/libvpx/+/04839626ed859623901ebd3a5fd483982186b59d",
"refsource" : "CONFIRM",
"url" : "https://android.googlesource.com/platform/external/libvpx/+/04839626ed859623901ebd3a5fd483982186b59d"
},
{
"name" : "https://android.googlesource.com/platform/external/libvpx/+/5a9753fca56f0eeb9f61e342b2fccffc364f9426",
"refsource" : "CONFIRM",
"url" : "https://android.googlesource.com/platform/external/libvpx/+/5a9753fca56f0eeb9f61e342b2fccffc364f9426"
},
{
"name" : "https://android.googlesource.com/platform/frameworks/av/+/5a6788730acfc6fd8f4a6ef89d2c376572a26b55",
"refsource" : "CONFIRM",
"url" : "https://android.googlesource.com/platform/frameworks/av/+/5a6788730acfc6fd8f4a6ef89d2c376572a26b55"
},
{
"name" : "FEDORA-2016-fae59061fe",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179128.html"
},
{
"name" : "GLSA-201603-09",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201603-09"
},
{
"name" : "84239",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84239"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to libwebm/mkvparser.cpp and other files, aka internal bug 23452792."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://android.googlesource.com/platform/external/libvpx/+/04839626ed859623901ebd3a5fd483982186b59d",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/external/libvpx/+/04839626ed859623901ebd3a5fd483982186b59d"
},
{
"name": "http://source.android.com/security/bulletin/2016-03-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-03-01.html"
},
{
"name": "https://android.googlesource.com/platform/external/libvpx/+/5a9753fca56f0eeb9f61e342b2fccffc364f9426",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/external/libvpx/+/5a9753fca56f0eeb9f61e342b2fccffc364f9426"
},
{
"name": "GLSA-201603-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name": "https://android.googlesource.com/platform/frameworks/av/+/5a6788730acfc6fd8f4a6ef89d2c376572a26b55",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/frameworks/av/+/5a6788730acfc6fd8f4a6ef89d2c376572a26b55"
},
{
"name": "84239",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84239"
},
{
"name": "FEDORA-2016-fae59061fe",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179128.html"
}
]
}
}

150
2016/4xxx/CVE-2016-4161.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4161",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4162, and CVE-2016-4163."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4161",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html"
},
{
"name" : "GLSA-201606-08",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201606-08"
},
{
"name" : "RHSA-2016:1079",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1079.html"
},
{
"name" : "90618",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/90618"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4120, CVE-2016-4160, CVE-2016-4162, and CVE-2016-4163."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201606-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-08"
},
{
"name": "90618",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90618"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html"
},
{
"name": "RHSA-2016:1079",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html"
}
]
}
}

120
2016/4xxx/CVE-2016-4365.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4365",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HPE Insight Control server deployment allows remote attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05150800",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05150800"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE Insight Control server deployment allows remote attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05150800",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05150800"
}
]
}
}

34
2016/4xxx/CVE-2016-4401.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4401",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4401",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

130
2016/4xxx/CVE-2016-4545.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4545",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Virtual servers in F5 BIG-IP 11.5.4, when SSL profiles are enabled, allow remote attackers to cause a denial of service (resource consumption and Traffic Management Microkernel restart) via an SSL alert during the handshake."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4545",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.f5.com/kb/en-us/solutions/public/k/48/sol48042976.html",
"refsource" : "CONFIRM",
"url" : "https://support.f5.com/kb/en-us/solutions/public/k/48/sol48042976.html"
},
{
"name" : "1036025",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036025"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Virtual servers in F5 BIG-IP 11.5.4, when SSL profiles are enabled, allow remote attackers to cause a denial of service (resource consumption and Traffic Management Microkernel restart) via an SSL alert during the handshake."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036025",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036025"
},
{
"name": "https://support.f5.com/kb/en-us/solutions/public/k/48/sol48042976.html",
"refsource": "CONFIRM",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/48/sol48042976.html"
}
]
}
}

34
2019/3xxx/CVE-2019-3007.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3007",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3007",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3484.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3484",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3484",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3727.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3727",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3727",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3845.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3845",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3845",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4100.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4100",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4100",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4431.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4431",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4431",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4483.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4483",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4483",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/6xxx/CVE-2019-6032.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6032",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6032",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/6xxx/CVE-2019-6644.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6644",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6644",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/7xxx/CVE-2019-7093.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7093",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7093",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/7xxx/CVE-2019-7430.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7430",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7430",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/7xxx/CVE-2019-7519.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7519",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7519",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

120
2019/7xxx/CVE-2019-7673.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7673",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. Administrator Credentials are stored in the 13-character DES hash format."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7673",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://gist.github.com/llandeilocymro/7dbe3daaab6d058d609fd9a0b24301cb",
"refsource" : "MISC",
"url" : "https://gist.github.com/llandeilocymro/7dbe3daaab6d058d609fd9a0b24301cb"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. Administrator Credentials are stored in the 13-character DES hash format."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gist.github.com/llandeilocymro/7dbe3daaab6d058d609fd9a0b24301cb",
"refsource": "MISC",
"url": "https://gist.github.com/llandeilocymro/7dbe3daaab6d058d609fd9a0b24301cb"
}
]
}
}

34
2019/7xxx/CVE-2019-7842.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7842",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7842",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8386.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8386",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8386",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8585.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8585",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8585",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8777.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8777",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8777",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

160
2019/8xxx/CVE-2019-8953.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8953",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The HAProxy package before 0.59_16 for pfSense has XSS via the desc (aka Description) or table_actionsaclN parameter, related to haproxy_listeners.php and haproxy_listeners_edit.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "46538",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/46538/"
},
{
"name" : "https://cxsecurity.com/issue/WLB-2019020153",
"refsource" : "MISC",
"url" : "https://cxsecurity.com/issue/WLB-2019020153"
},
{
"name" : "https://github.com/pfsense/FreeBSD-ports/commit/2dded47b3202dfdf89aa96f84bf701b3d5acbe6c",
"refsource" : "MISC",
"url" : "https://github.com/pfsense/FreeBSD-ports/commit/2dded47b3202dfdf89aa96f84bf701b3d5acbe6c"
},
{
"name" : "https://github.com/pfsense/FreeBSD-ports/commit/3b40366aca55910b224ecf49d3fdacc9ad6c04f5",
"refsource" : "MISC",
"url" : "https://github.com/pfsense/FreeBSD-ports/commit/3b40366aca55910b224ecf49d3fdacc9ad6c04f5"
},
{
"name" : "https://redmine.pfsense.org/issues/9335",
"refsource" : "MISC",
"url" : "https://redmine.pfsense.org/issues/9335"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HAProxy package before 0.59_16 for pfSense has XSS via the desc (aka Description) or table_actionsaclN parameter, related to haproxy_listeners.php and haproxy_listeners_edit.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://redmine.pfsense.org/issues/9335",
"refsource": "MISC",
"url": "https://redmine.pfsense.org/issues/9335"
},
{
"name": "https://github.com/pfsense/FreeBSD-ports/commit/2dded47b3202dfdf89aa96f84bf701b3d5acbe6c",
"refsource": "MISC",
"url": "https://github.com/pfsense/FreeBSD-ports/commit/2dded47b3202dfdf89aa96f84bf701b3d5acbe6c"
},
{
"name": "https://cxsecurity.com/issue/WLB-2019020153",
"refsource": "MISC",
"url": "https://cxsecurity.com/issue/WLB-2019020153"
},
{
"name": "https://github.com/pfsense/FreeBSD-ports/commit/3b40366aca55910b224ecf49d3fdacc9ad6c04f5",
"refsource": "MISC",
"url": "https://github.com/pfsense/FreeBSD-ports/commit/3b40366aca55910b224ecf49d3fdacc9ad6c04f5"
},
{
"name": "46538",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46538/"
}
]
}
}

34
2019/9xxx/CVE-2019-9008.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9008",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9008",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9323.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9323",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9323",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9413.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9413",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9413",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}