admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:33:19 +00:00
parent d3c6f33add
commit c112b27671
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
68 changed files with 3986 additions and 3986 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

230
2007/0xxx/CVE-2007-0220.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2007-0220", "ID": "CVE-2007-0220",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2000 SP3, and 2003 SP1 and SP2 allows remote attackers to execute arbitrary scripts, spoof content, or obtain sensitive information via certain UTF-encoded, script-based e-mail attachments, involving an \"incorrectly handled UTF character set label\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBST02214", "description_data": [
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2000 SP3, and 2003 SP1 and SP2 allows remote attackers to execute arbitrary scripts, spoof content, or obtain sensitive information via certain UTF-encoded, script-based e-mail attachments, involving an \"incorrectly handled UTF character set label\"."
{ }
"name" : "SSRT071422", ]
"refsource" : "HP", },
"url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MS07-026", "description": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-026" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "TA07-128A", ]
"refsource" : "CERT", }
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" ]
}, },
{ "references": {
"name" : "VU#124113", "reference_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/124113" "name": "HPSBST02214",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
"name" : "23806", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23806" "name": "1018015",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1018015"
"name" : "ADV-2007-1711", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1711" "name": "MS07-026",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-026"
"name" : "34389", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/34389" "name": "SSRT071422",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
"name" : "oval:org.mitre.oval:def:1371", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1371" "name": "VU#124113",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/124113"
"name" : "1018015", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018015" "name": "23806",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23806"
"name" : "25183", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25183" "name": "25183",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25183"
"name" : "exchange-utf-xss(33887)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33887" "name": "TA07-128A",
} "refsource": "CERT",
] "url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html"
} },
} {
"name": "ADV-2007-1711",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1711"
},
{
"name": "oval:org.mitre.oval:def:1371",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1371"
},
{
"name": "exchange-utf-xss(33887)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33887"
},
{
"name": "34389",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34389"
}
]
}
}

200
2007/0xxx/CVE-2007-0319.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2007-0319", "ID": "CVE-2007-0319",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in the Motive ActiveEmailTest.EmailData (ActiveUtils EmailData) ActiveX control in ActiveUtils.dll in Motive Service Activation Manager 5.1 and Self Service Manager 5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.motive.com/securitybulletin_08122007.asp", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.motive.com/securitybulletin_08122007.asp" "lang": "eng",
}, "value": "Multiple stack-based buffer overflows in the Motive ActiveEmailTest.EmailData (ActiveUtils EmailData) ActiveX control in ActiveUtils.dll in Motive Service Activation Manager 5.1 and Self Service Manager 5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors."
{ }
"name" : "MS07-045", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-045" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#747233", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/747233" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25312", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/25312" ]
}, },
{ "references": {
"name" : "ADV-2007-2881", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2881" "name": "25312",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25312"
"name" : "37710", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37710" "name": "http://www.motive.com/securitybulletin_08122007.asp",
}, "refsource": "CONFIRM",
{ "url": "http://www.motive.com/securitybulletin_08122007.asp"
"name" : "1018571", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018571" "name": "MS07-045",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-045"
"name" : "26481", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26481" "name": "ADV-2007-2881",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2881"
"name" : "activeutils-emaildata-bo(36034)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36034" "name": "activeutils-emaildata-bo(36034)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36034"
} },
} {
"name": "VU#747233",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/747233"
},
{
"name": "26481",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26481"
},
{
"name": "37710",
"refsource": "OSVDB",
"url": "http://osvdb.org/37710"
},
{
"name": "1018571",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018571"
}
]
}
}

160
2007/0xxx/CVE-2007-0441.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0441", "ID": "CVE-2007-0441",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allows remote attackers to execute arbitrary commands via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBMA02176", "description_data": [
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/456623/100/100/threaded" "lang": "eng",
}, "value": "Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allows remote attackers to execute arbitrary commands via unknown vectors."
{ }
"name" : "SSRT05103", ]
"refsource" : "HP", },
"url" : "http://www.securityfocus.com/archive/1/456623/100/100/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0153", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0153" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "32728", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/32728" ]
}, },
{ "references": {
"name" : "1017504", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017504" "name": "SSRT05103",
} "refsource": "HP",
] "url": "http://www.securityfocus.com/archive/1/456623/100/100/threaded"
} },
} {
"name": "HPSBMA02176",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/456623/100/100/threaded"
},
{
"name": "32728",
"refsource": "OSVDB",
"url": "http://osvdb.org/32728"
},
{
"name": "1017504",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017504"
},
{
"name": "ADV-2007-0153",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0153"
}
]
}
}

210
2007/0xxx/CVE-2007-0608.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0608", "ID": "CVE-2007-0608",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Advanced Guestbook 2.4.2 allows remote attackers to obtain sensitive information via an invalid (1) GB_TBL parameter to (a) lang/codes-english.php or (b) image.php, which reveal the database name; (2) an invalid GB_DB parameter to index.php, coupled with a ../index lang cookie, which reveals the installation path; or (3) a direct request to index.php with no parameters or cookies, which reveals the installation path."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070507 Advanced Guestbook version 2.4.2 Multiple Error Information Leak Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/467940/100/0/threaded" "lang": "eng",
}, "value": "Advanced Guestbook 2.4.2 allows remote attackers to obtain sensitive information via an invalid (1) GB_TBL parameter to (a) lang/codes-english.php or (b) image.php, which reveal the database name; (2) an invalid GB_DB parameter to index.php, coupled with a ../index lang cookie, which reveals the installation path; or (3) a direct request to index.php with no parameters or cookies, which reveals the installation path."
{ }
"name" : "http://www.netvigilance.com/advisory0011", ]
"refsource" : "MISC", },
"url" : "http://www.netvigilance.com/advisory0011" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "34362", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34362" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-1726", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/1726" ]
}, },
{ "references": {
"name" : "33876", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/33876" "name": "33879",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/33879"
"name" : "33878", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/33878" "name": "20070507 Advanced Guestbook version 2.4.2 Multiple Error Information Leak Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/467940/100/0/threaded"
"name" : "33879", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/33879" "name": "http://www.netvigilance.com/advisory0011",
}, "refsource": "MISC",
{ "url": "http://www.netvigilance.com/advisory0011"
"name" : "25153", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25153" "name": "advanced-multiple-script-info-disclosure(34161)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34161"
"name" : "2661", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2661" "name": "2661",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2661"
"name" : "advanced-multiple-script-info-disclosure(34161)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34161" "name": "ADV-2007-1726",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/1726"
} },
} {
"name": "33878",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/33878"
},
{
"name": "34362",
"refsource": "OSVDB",
"url": "http://osvdb.org/34362"
},
{
"name": "33876",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/33876"
},
{
"name": "25153",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25153"
}
]
}
}

230
2007/0xxx/CVE-2007-0859.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0859", "ID": "CVE-2007-0859",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070213 SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/460059/100/0/threaded" "lang": "eng",
}, "value": "The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys."
{ }
"name" : "20070222 RE: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/460954/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070222 Re: Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/460911/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20070222 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", ]
"refsource" : "BUGTRAQ", }
"url" : "http://www.securityfocus.com/archive/1/460908/100/0/threaded" ]
}, },
{ "references": {
"name" : "20070222 SYMSA-2007-002-1: Palm OS Treo Find Feature System Password Bypass", "reference_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/460901/100/0/threaded" "name": "20070222 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/460908/100/0/threaded"
"name" : "20070216 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass", },
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/460328/100/0/threaded" "name": "http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt",
}, "refsource": "MISC",
{ "url": "http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt"
"name" : "http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt", },
"refsource" : "MISC", {
"url" : "http://www.symantec.com/enterprise/research/SYMSA-2007-002.txt" "name": "20070222 SYMSA-2007-002-1: Palm OS Treo Find Feature System Password Bypass",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/460901/100/0/threaded"
"name" : "http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445", },
"refsource" : "MISC", {
"url" : "http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445" "name": "33724",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/33724"
"name" : "22468", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22468" "name": "20070222 RE: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/460954/100/0/threaded"
"name" : "33724", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33724" "name": "20070222 Re: Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/460911/100/0/threaded"
"name" : "2260", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2260" "name": "palmos-findfeature-security-bypass(32502)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32502"
"name" : "palmos-findfeature-security-bypass(32502)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32502" "name": "http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445",
} "refsource": "MISC",
] "url": "http://discussion.treocentral.com/showthread.php?p=1199445&posted=1#post1199445"
} },
} {
"name": "22468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22468"
},
{
"name": "20070216 Re: SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460328/100/0/threaded"
},
{
"name": "2260",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2260"
},
{
"name": "20070213 SYMSA-2007-002: Palm OS Treo Find Feature System Password Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460059/100/0/threaded"
}
]
}
}

160
2007/1xxx/CVE-2007-1188.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1188", "ID": "CVE-2007-1188",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebAPP before 0.9.9.5 allows remote attackers to submit Search form input that is not checked for (1) composition or (2) length, which has unknown impact, possibly related to \"search form hijacking\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250" "lang": "eng",
}, "value": "WebAPP before 0.9.9.5 allows remote attackers to submit Search form input that is not checked for (1) composition or (2) length, which has unknown impact, possibly related to \"search form hijacking\"."
{ }
"name" : "22563", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22563" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0604", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0604" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33299", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/33299" ]
}, },
{ "references": {
"name" : "24080", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24080" "name": "33299",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/33299"
} },
} {
"name": "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250",
"refsource": "CONFIRM",
"url": "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250"
},
{
"name": "ADV-2007-0604",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0604"
},
{
"name": "24080",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24080"
},
{
"name": "22563",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22563"
}
]
}
}

170
2007/1xxx/CVE-2007-1339.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1339", "ID": "CVE-2007-1339",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in Links Management Application 1.0 allows remote attackers to execute arbitrary SQL commands via the lcnt parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3416", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3416" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in Links Management Application 1.0 allows remote attackers to execute arbitrary SQL commands via the lcnt parameter."
{ }
"name" : "22825", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22825" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0849", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0849" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33862", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/33862" ]
}, },
{ "references": {
"name" : "24355", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24355" "name": "22825",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/22825"
"name" : "links-index-sql-injection(32813)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32813" "name": "ADV-2007-0849",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/0849"
} },
} {
"name": "3416",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3416"
},
{
"name": "33862",
"refsource": "OSVDB",
"url": "http://osvdb.org/33862"
},
{
"name": "24355",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24355"
},
{
"name": "links-index-sql-injection(32813)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32813"
}
]
}
}

150
2007/1xxx/CVE-2007-1582.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1582", "ID": "CVE-2007-1582",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting certain functions in the GD (ext/gd) extension and unspecified other extensions via a userspace error handler, which can be used to destroy and modify internal resources."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3525", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3525" "lang": "eng",
}, "value": "The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting certain functions in the GD (ext/gd) extension and unspecified other extensions via a userspace error handler, which can be used to destroy and modify internal resources."
{ }
"name" : "http://www.php-security.org/MOPB/MOPB-27-2007.html", ]
"refsource" : "MISC", },
"url" : "http://www.php-security.org/MOPB/MOPB-27-2007.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "23046", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23046" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24542", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/24542" ]
} },
] "references": {
} "reference_data": [
} {
"name": "23046",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23046"
},
{
"name": "3525",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3525"
},
{
"name": "24542",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24542"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-27-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-27-2007.html"
}
]
}
}

220
2007/1xxx/CVE-2007-1680.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1680", "ID": "CVE-2007-1680",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the createAndJoinConference function in the AudioConf ActiveX control (yacscom.dll) in Yahoo! Messenger before 20070313 allows remote attackers to execute arbitrary code via long (1) socksHostname and (2) hostname properties."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070403 ZDI-07-012: Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/464607/100/0/threaded" "lang": "eng",
}, "value": "Stack-based buffer overflow in the createAndJoinConference function in the AudioConf ActiveX control (yacscom.dll) in Yahoo! Messenger before 20070313 allows remote attackers to execute arbitrary code via long (1) socksHostname and (2) hostname properties."
{ }
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-012.html", ]
"refsource" : "MISC", },
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-012.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://messenger.yahoo.com/security_update.php?id=031207", "description": [
"refsource" : "CONFIRM", {
"url" : "http://messenger.yahoo.com/security_update.php?id=031207" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "VU#388377", ]
"refsource" : "CERT-VN", }
"url" : "http://www.kb.cert.org/vuls/id/388377" ]
}, },
{ "references": {
"name" : "23291", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23291" "name": "yahoo-yahooaudioconf-activex-bo(33408)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33408"
"name" : "ADV-2007-1219", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1219" "name": "23291",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23291"
"name" : "34319", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34319" "name": "24742",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24742"
"name" : "1017867", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017867" "name": "VU#388377",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/388377"
"name" : "24742", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24742" "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-012.html",
}, "refsource": "MISC",
{ "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-012.html"
"name" : "2523", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2523" "name": "2523",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2523"
"name" : "yahoo-yahooaudioconf-activex-bo(33408)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33408" "name": "ADV-2007-1219",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/1219"
} },
} {
"name": "34319",
"refsource": "OSVDB",
"url": "http://osvdb.org/34319"
},
{
"name": "1017867",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017867"
},
{
"name": "http://messenger.yahoo.com/security_update.php?id=031207",
"refsource": "CONFIRM",
"url": "http://messenger.yahoo.com/security_update.php?id=031207"
},
{
"name": "20070403 ZDI-07-012: Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464607/100/0/threaded"
}
]
}
}

120
2007/4xxx/CVE-2007-4006.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4006", "ID": "CVE-2007-4006",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1.7 has unknown impact and remote attack vectors, aka ZD-00000034. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.wslabi.com/wabisabilabi/initPublishedBid.do?", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.wslabi.com/wabisabilabi/initPublishedBid.do?" "lang": "eng",
} "value": "Buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1.7 has unknown impact and remote attack vectors, aka ZD-00000034. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.wslabi.com/wabisabilabi/initPublishedBid.do?",
"refsource": "MISC",
"url": "http://www.wslabi.com/wabisabilabi/initPublishedBid.do?"
}
]
}
}

180
2007/4xxx/CVE-2007-4279.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4279", "ID": "CVE-2007-4279",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in config.php in FrontAccounting 1.12 Build 31 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_root parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4269", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4269" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in config.php in FrontAccounting 1.12 Build 31 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_root parameter."
{ }
"name" : "http://arfis.wordpress.com/2007/09/14/rfi-02-frontaccounting/", ]
"refsource" : "MISC", },
"url" : "http://arfis.wordpress.com/2007/09/14/rfi-02-frontaccounting/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25229", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25229" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-2809", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/2809" ]
}, },
{ "references": {
"name" : "36431", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36431" "name": "http://arfis.wordpress.com/2007/09/14/rfi-02-frontaccounting/",
}, "refsource": "MISC",
{ "url": "http://arfis.wordpress.com/2007/09/14/rfi-02-frontaccounting/"
"name" : "26350", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26350" "name": "fa-config-file-include(35873)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35873"
"name" : "fa-config-file-include(35873)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35873" "name": "26350",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/26350"
} },
} {
"name": "4269",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4269"
},
{
"name": "36431",
"refsource": "OSVDB",
"url": "http://osvdb.org/36431"
},
{
"name": "ADV-2007-2809",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2809"
},
{
"name": "25229",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25229"
}
]
}
}

190
2007/4xxx/CVE-2007-4822.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4822", "ID": "CVE-2007-4822",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as demonstrated by accessing (1) ap.html and (2) filter_ip.html."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070907 Buffalo AirStation WHR-G54S CSRF vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/478795/100/0/threaded" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as demonstrated by accessing (1) ap.html and (2) filter_ip.html."
{ }
"name" : "20070907 Re: Buffalo AirStation WHR-G54S CSRF vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/478801/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.louhi.fi/advisory/buffalo_070907.txt", "description": [
"refsource" : "MISC", {
"url" : "http://www.louhi.fi/advisory/buffalo_070907.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25588", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/25588" ]
}, },
{ "references": {
"name" : "37665", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37665" "name": "http://www.louhi.fi/advisory/buffalo_070907.txt",
}, "refsource": "MISC",
{ "url": "http://www.louhi.fi/advisory/buffalo_070907.txt"
"name" : "26712", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26712" "name": "20070907 Re: Buffalo AirStation WHR-G54S CSRF vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/478801/100/0/threaded"
"name" : "3117", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3117" "name": "37665",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/37665"
"name" : "buffalo-aoss-management-csrf(36492)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36492" "name": "20070907 Buffalo AirStation WHR-G54S CSRF vulnerability",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/478795/100/0/threaded"
} },
} {
"name": "buffalo-aoss-management-csrf(36492)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36492"
},
{
"name": "26712",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26712"
},
{
"name": "25588",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25588"
},
{
"name": "3117",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3117"
}
]
}
}

170
2007/4xxx/CVE-2007-4911.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4911", "ID": "CVE-2007-4911",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote attackers to cause a denial of service (daemon crash) via a long .mp3 URI to TCP port 8000. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4403", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4403" "lang": "eng",
}, "value": "JSMP3OGGWt.dll in JetCast Server 2.0.0.4308 allows remote attackers to cause a denial of service (daemon crash) via a long .mp3 URI to TCP port 8000. NOTE: some of these details are obtained from third party information."
{ }
"name" : "25660", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25660" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-3170", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3170" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "40520", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/40520" ]
}, },
{ "references": {
"name" : "26815", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26815" "name": "4403",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/4403"
"name" : "jetcast-jsmp3oggwt-dos(36607)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36607" "name": "ADV-2007-3170",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/3170"
} },
} {
"name": "40520",
"refsource": "OSVDB",
"url": "http://osvdb.org/40520"
},
{
"name": "26815",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26815"
},
{
"name": "jetcast-jsmp3oggwt-dos(36607)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36607"
},
{
"name": "25660",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25660"
}
]
}
}

180
2007/5xxx/CVE-2007-5569.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5569", "ID": "CVE-2007-5569",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071017 Multiple Vulnerabilities in Cisco PIX and ASA Appliance", "description_data": [
"refsource" : "CISCO", {
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda56.shtml" "lang": "eng",
}, "value": "Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120."
{ }
"name" : "26104", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/26104" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-3531", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3531" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1018826", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1018826" ]
}, },
{ "references": {
"name" : "1018827", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018827" "name": "20071017 Multiple Vulnerabilities in Cisco PIX and ASA Appliance",
}, "refsource": "CISCO",
{ "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda56.shtml"
"name" : "27193", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27193" "name": "1018827",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1018827"
"name" : "cisco-asa-pix-tls-dos(37260)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37260" "name": "27193",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/27193"
} },
} {
"name": "ADV-2007-3531",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3531"
},
{
"name": "1018826",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018826"
},
{
"name": "cisco-asa-pix-tls-dos(37260)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37260"
},
{
"name": "26104",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26104"
}
]
}
}

140
2007/5xxx/CVE-2007-5773.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5773", "ID": "CVE-2007-5773",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in index.php in the File Manager module in Flatnuke 3 allows remote attackers to perform certain actions as administrators via requests containing the pathname in the dir parameter and the filename in the ffile parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4561", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4561" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in index.php in the File Manager module in Flatnuke 3 allows remote attackers to perform certain actions as administrators via requests containing the pathname in the dir parameter and the filename in the ffile parameter."
{ }
"name" : "43635", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/43635" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "flatnuke3-filemanager-security-bypass(37413)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37413" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "flatnuke3-filemanager-security-bypass(37413)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37413"
},
{
"name": "4561",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4561"
},
{
"name": "43635",
"refsource": "OSVDB",
"url": "http://osvdb.org/43635"
}
]
}
}

130
2015/2xxx/CVE-2015-2089.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2089", "ID": "CVE-2015-2089",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the CrossSlide jQuery (crossslide-jquery-plugin-for-wordpress) plugin 2.0.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings or conduct cross-site scripting (XSS) attacks via the (2) csj_width, (3) csj_height, (4) csj_sleep, (5) csj_fade, or (6) upload_image parameter in the thisismyurl_csj.php page to wp-admin/options-general.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/130313/WordPress-Cross-Slide-2.0.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/130313/WordPress-Cross-Slide-2.0.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" "lang": "eng",
}, "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the CrossSlide jQuery (crossslide-jquery-plugin-for-wordpress) plugin 2.0.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings or conduct cross-site scripting (XSS) attacks via the (2) csj_width, (3) csj_height, (4) csj_sleep, (5) csj_fade, or (6) upload_image parameter in the thisismyurl_csj.php page to wp-admin/options-general.php."
{ }
"name" : "74894", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/74894" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/130313/WordPress-Cross-Slide-2.0.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130313/WordPress-Cross-Slide-2.0.5-Cross-Site-Request-Forgery-Cross-Site-Scripting.html"
},
{
"name": "74894",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74894"
}
]
}
}

150
2015/2xxx/CVE-2015-2091.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2091", "ID": "CVE-2015-2091",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The authentication hook (mgs_hook_authz) in mod-gnutls 0.5.10 and earlier does not validate client certificates when \"GnuTLSClientVerify require\" is set, which allows remote attackers to spoof clients via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://issues.outoforder.cc/view.php?id=93", "description_data": [
"refsource" : "MISC", {
"url" : "http://issues.outoforder.cc/view.php?id=93" "lang": "eng",
}, "value": "The authentication hook (mgs_hook_authz) in mod-gnutls 0.5.10 and earlier does not validate client certificates when \"GnuTLSClientVerify require\" is set, which allows remote attackers to spoof clients via a crafted certificate."
{ }
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578663", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578663" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3177", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3177" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201709-04", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201709-04" ]
} },
] "references": {
} "reference_data": [
} {
"name": "GLSA-201709-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-04"
},
{
"name": "DSA-3177",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3177"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578663",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578663"
},
{
"name": "http://issues.outoforder.cc/view.php?id=93",
"refsource": "MISC",
"url": "http://issues.outoforder.cc/view.php?id=93"
}
]
}
}

140
2015/2xxx/CVE-2015-2113.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2015-2113", "ID": "CVE-2015-2113",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in HP Easy Deploy, as distributed standalone and in HP Easy Tools before 3.0.1.1650, on HP Thin Client t5540, t5740, and t5740e devices and HP Flexible Thin Client t510, t520, t610, t620, and t820 devices allows remote attackers to execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBHF03310", "description_data": [
"refsource" : "HP", {
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04629160" "lang": "eng",
}, "value": "Unspecified vulnerability in HP Easy Deploy, as distributed standalone and in HP Easy Tools before 3.0.1.1650, on HP Thin Client t5540, t5740, and t5740e devices and HP Flexible Thin Client t510, t520, t610, t620, and t820 devices allows remote attackers to execute arbitrary code via unknown vectors."
{ }
"name" : "SSRT101680", ]
"refsource" : "HP", },
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04629160" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "73964", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73964" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "HPSBHF03310",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04629160"
},
{
"name": "SSRT101680",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04629160"
},
{
"name": "73964",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73964"
}
]
}
}

120
2015/2xxx/CVE-2015-2143.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2143", "ID": "CVE-2015-2143",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to hijack the authentication of users for requests that cause an unspecified impact via unknown parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150227 Re: CVE-Request -- phpBugTracker v. 1.6.0 -- Multiple SQLi, stored/reflecting XSS- and CSRF-vulnerabilities", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/02/28/1" "lang": "eng",
} "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to hijack the authentication of users for requests that cause an unspecified impact via unknown parameters."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150227 Re: CVE-Request -- phpBugTracker v. 1.6.0 -- Multiple SQLi, stored/reflecting XSS- and CSRF-vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/28/1"
}
]
}
}

130
2015/2xxx/CVE-2015-2771.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2771", "ID": "CVE-2015-2771",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Mail Server in Websense TRITON AP-EMAIL and V-Series appliances before 8.0.0 uses plaintext credentials, which allows remote attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0" "lang": "eng",
}, "value": "The Mail Server in Websense TRITON AP-EMAIL and V-Series appliances before 8.0.0 uses plaintext credentials, which allows remote attackers to obtain sensitive information via unspecified vectors."
{ }
"name" : "73428", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/73428" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"name": "73428",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73428"
}
]
}
}

150
2015/3xxx/CVE-2015-3101.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-3101", "ID": "CVE-2015-3101",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Flash broker in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, when Internet Explorer is used, allows attackers to perform a transition from Low Integrity to Medium Integrity via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html" "lang": "eng",
}, "value": "The Flash broker in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, when Internet Explorer is used, allows attackers to perform a transition from Low Integrity to Medium Integrity via unspecified vectors."
{ }
"name" : "GLSA-201506-01", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201506-01" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "75089", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75089" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1032519", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1032519" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html"
},
{
"name": "1032519",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032519"
},
{
"name": "GLSA-201506-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201506-01"
},
{
"name": "75089",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75089"
}
]
}
}

170
2015/3xxx/CVE-2015-3804.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-3804", "ID": "CVE-2015-3804",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5756 and CVE-2015-5775."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/kb/HT205030", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205030" "lang": "eng",
}, "value": "FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file, a different vulnerability than CVE-2015-5756 and CVE-2015-5775."
{ }
"name" : "https://support.apple.com/kb/HT205031", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/kb/HT205031" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2015-08-13-2", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-08-13-3", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" ]
}, },
{ "references": {
"name" : "76343", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76343" "name": "https://support.apple.com/kb/HT205030",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/kb/HT205030"
"name" : "1033275", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033275" "name": "1033275",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1033275"
} },
} {
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "APPLE-SA-2015-08-13-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "76343",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76343"
}
]
}
}

120
2015/6xxx/CVE-2015-6374.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-6374", "ID": "CVE-2015-6374",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, aka Bug ID CSCux10604."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20151117 Cisco Firepower 9000 Series Switch Clickjacking Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151117-firepower4" "lang": "eng",
} "value": "The web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, aka Bug ID CSCux10604."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20151117 Cisco Firepower 9000 Series Switch Clickjacking Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151117-firepower4"
}
]
}
}

130
2015/6xxx/CVE-2015-6433.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-6433", "ID": "CVE-2015-6433",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCut66767."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160105 Cisco Unified Communications Manager SQL Injection Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160105-cucm" "lang": "eng",
}, "value": "SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCut66767."
{ }
"name" : "1034583", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034583" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034583",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034583"
},
{
"name": "20160105 Cisco Unified Communications Manager SQL Injection Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160105-cucm"
}
]
}
}

120
2015/6xxx/CVE-2015-6482.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-6482", "ID": "CVE-2015-6482",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Runtime Toolkit before 2.4.7.48 in 3S-Smart CODESYS before 2.3.9.48 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-288-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-288-01" "lang": "eng",
} "value": "Runtime Toolkit before 2.4.7.48 in 3S-Smart CODESYS before 2.3.9.48 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted request."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-288-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-288-01"
}
]
}
}

34
2015/6xxx/CVE-2015-6666.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-6666", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-6666",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
} }
] ]
} }
} }

34
2015/6xxx/CVE-2015-6950.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6950", "ID": "CVE-2015-6950",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2015/7xxx/CVE-2015-7286.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2015-7286", "ID": "CVE-2015-7286",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://cybergibbons.com/?p=2844", "description_data": [
"refsource" : "MISC", {
"url" : "http://cybergibbons.com/?p=2844" "lang": "eng",
}, "value": "CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic."
{ }
"name" : "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL", ]
"refsource" : "CONFIRM", },
"url" : "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#428280", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/428280" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#428280",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/428280"
},
{
"name": "http://cybergibbons.com/?p=2844",
"refsource": "MISC",
"url": "http://cybergibbons.com/?p=2844"
},
{
"name": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/BLUU-A3NQAL"
}
]
}
}

120
2015/7xxx/CVE-2015-7292.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cert@cert.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2015-7292", "ID": "CVE-2015-7292",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Amazon Fire OS before 2016-01-15", "product_name": "Amazon Fire OS before 2016-01-15",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Amazon Fire OS before 2016-01-15" "version_value": "Amazon Fire OS before 2016-01-15"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://marcograss.github.io/security/android/cve/2016/01/15/cve-2015-7292-amazon-kernel-stack-buffer-overflow.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://marcograss.github.io/security/android/cve/2016/01/15/cve-2015-7292-amazon-kernel-stack-buffer-overflow.html" "lang": "eng",
} "value": "Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://marcograss.github.io/security/android/cve/2016/01/15/cve-2015-7292-amazon-kernel-stack-buffer-overflow.html",
"refsource": "MISC",
"url": "https://marcograss.github.io/security/android/cve/2016/01/15/cve-2015-7292-amazon-kernel-stack-buffer-overflow.html"
}
]
}
}

210
2015/7xxx/CVE-2015-7626.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-7626", "ID": "CVE-2015-7626",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7627, CVE-2015-7630, CVE-2015-7633, and CVE-2015-7634."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html" "lang": "eng",
}, "value": "Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7627, CVE-2015-7630, CVE-2015-7633, and CVE-2015-7634."
{ }
"name" : "GLSA-201511-02", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201511-02" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2015:2024", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2024.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2015:1893", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1893.html" ]
}, },
{ "references": {
"name" : "SUSE-SU-2015:1740", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html" "name": "RHSA-2015:2024",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2024.html"
"name" : "SUSE-SU-2015:1742", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html" "name": "openSUSE-SU-2015:1744",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html"
"name" : "openSUSE-SU-2015:1744", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html" "name": "77065",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/77065"
"name" : "openSUSE-SU-2015:1781", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html" "name": "SUSE-SU-2015:1742",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html"
"name" : "77065", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77065" "name": "RHSA-2015:1893",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1893.html"
"name" : "1033797", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033797" "name": "GLSA-201511-02",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201511-02"
} },
} {
"name": "1033797",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033797"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html"
},
{
"name": "SUSE-SU-2015:1740",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html"
},
{
"name": "openSUSE-SU-2015:1781",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html"
}
]
}
}

140
2015/7xxx/CVE-2015-7761.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7761", "ID": "CVE-2015-7761",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mail in Apple OS X before 10.11 does not properly recognize user preferences, which allows attackers to obtain sensitive information via an unspecified action during the printing of an e-mail message, a different vulnerability than CVE-2015-7760."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT205267", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205267" "lang": "eng",
}, "value": "Mail in Apple OS X before 10.11 does not properly recognize user preferences, which allows attackers to obtain sensitive information via an unspecified action during the printing of an e-mail message, a different vulnerability than CVE-2015-7760."
{ }
"name" : "APPLE-SA-2015-09-30-3", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "76908", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76908" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2015-09-30-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"name": "https://support.apple.com/HT205267",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205267"
},
{
"name": "76908",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76908"
}
]
}
}

160
2016/0xxx/CVE-2016-0002.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-0002", "ID": "CVE-2016-0002",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160112 Microsoft Internet Explorer VBScript \"Assignvar\" Use-After-Free Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1215" "lang": "eng",
}, "value": "The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\""
{ }
"name" : "MS16-001", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-001" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MS16-003", "description": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-003" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1034648", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1034648" ]
}, },
{ "references": {
"name" : "1034650", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034650" "name": "1034650",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1034650"
} },
} {
"name": "1034648",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034648"
},
{
"name": "MS16-003",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-003"
},
{
"name": "MS16-001",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-001"
},
{
"name": "20160112 Microsoft Internet Explorer VBScript \"Assignvar\" Use-After-Free Vulnerability",
"refsource": "IDEFENSE",
"url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1215"
}
]
}
}

160
2016/0xxx/CVE-2016-0062.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-0062", "ID": "CVE-2016-0062",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-158", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-158" "lang": "eng",
}, "value": "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\""
{ }
"name" : "MS16-009", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-009" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MS16-011", "description": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-011" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1034971", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1034971" ]
}, },
{ "references": {
"name" : "1034972", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034972" "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-158",
} "refsource": "MISC",
] "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-158"
} },
} {
"name": "1034972",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034972"
},
{
"name": "1034971",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034971"
},
{
"name": "MS16-009",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-009"
},
{
"name": "MS16-011",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-011"
}
]
}
}

160
2016/0xxx/CVE-2016-0420.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0420", "ID": "CVE-2016-0420",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via unknown vectors related to Monitoring and Diagnostics."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160825 Onapsis Security Advisory ONAPSIS-2016-011: JD Edwards Server Manager Create users", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2016/Aug/126" "lang": "eng",
}, "value": "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via unknown vectors related to Monitoring and Diagnostics."
{ }
"name" : "http://packetstormsecurity.com/files/138509/JD-Edwards-9.1-EnterpriseOne-Server-Create-Users.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/138509/JD-Edwards-9.1-EnterpriseOne-Server-Create-Users.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.onapsis.com/research/security-advisories/jd-edwards-server-manager-create-user", "description": [
"refsource" : "MISC", {
"url" : "https://www.onapsis.com/research/security-advisories/jd-edwards-server-manager-create-user" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" ]
}, },
{ "references": {
"name" : "1034722", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034722" "name": "20160825 Onapsis Security Advisory ONAPSIS-2016-011: JD Edwards Server Manager Create users",
} "refsource": "FULLDISC",
] "url": "http://seclists.org/fulldisclosure/2016/Aug/126"
} },
} {
"name": "1034722",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034722"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "https://www.onapsis.com/research/security-advisories/jd-edwards-server-manager-create-user",
"refsource": "MISC",
"url": "https://www.onapsis.com/research/security-advisories/jd-edwards-server-manager-create-user"
},
{
"name": "http://packetstormsecurity.com/files/138509/JD-Edwards-9.1-EnterpriseOne-Server-Create-Users.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138509/JD-Edwards-9.1-EnterpriseOne-Server-Create-Users.html"
}
]
}
}

130
2016/0xxx/CVE-2016-0566.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0566", "ID": "CVE-2016-0566",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via unknown vectors related to Deliverables."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via unknown vectors related to Deliverables."
{ }
"name" : "1034726", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034726" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "1034726",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034726"
}
]
}
}

34
2016/0xxx/CVE-2016-0880.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-0880", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-0880",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

34
2016/1000xxx/CVE-2016-1000004.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1000004", "ID": "CVE-2016-1000004",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2016/1xxx/CVE-2016-1114.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-1114", "ID": "CVE-2016-1114",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/coldfusion/apsb16-16.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/coldfusion/apsb16-16.html" "lang": "eng",
}, "value": "Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
{ }
"name" : "90506", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/90506" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90506",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90506"
},
{
"name": "https://helpx.adobe.com/security/products/coldfusion/apsb16-16.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/coldfusion/apsb16-16.html"
}
]
}
}

150
2016/1xxx/CVE-2016-1228.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-1228", "ID": "CVE-2016-1228",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability on NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allows remote attackers to hijack the authentication of arbitrary users."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://web116.jp/ced/support/news/contents/2016/20160627.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://web116.jp/ced/support/news/contents/2016/20160627.html" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability on NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allows remote attackers to hijack the authentication of arbitrary users."
{ }
"name" : "http://www.ntt-west.co.jp/kiki/support/flets/hgw4_mi/160627.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ntt-west.co.jp/kiki/support/flets/hgw4_mi/160627.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVN#45034304", "description": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/en/jp/JVN45034304/index.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "JVNDB-2016-000106", ]
"refsource" : "JVNDB", }
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000106" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.ntt-west.co.jp/kiki/support/flets/hgw4_mi/160627.html",
"refsource": "CONFIRM",
"url": "http://www.ntt-west.co.jp/kiki/support/flets/hgw4_mi/160627.html"
},
{
"name": "http://web116.jp/ced/support/news/contents/2016/20160627.html",
"refsource": "CONFIRM",
"url": "http://web116.jp/ced/support/news/contents/2016/20160627.html"
},
{
"name": "JVN#45034304",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN45034304/index.html"
},
{
"name": "JVNDB-2016-000106",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000106"
}
]
}
}

130
2016/1xxx/CVE-2016-1256.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1256", "ID": "CVE-2016-1256",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R7, 14.1 before 14.1R5, 14.1X53 before 14.1X53-D18 or 14.1X53-D30, 14.1X55 before 14.1X55-D25, 14.2 before 14.2R4, 15.1 before 15.1R2, and 15.1X49 before 15.1X49-D10 allow remote attackers to cause a denial of service via a malformed IGMPv3 packet, aka a \"multicast denial of service.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10714", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10714" "lang": "eng",
}, "value": "Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R7, 14.1 before 14.1R5, 14.1X53 before 14.1X53-D18 or 14.1X53-D30, 14.1X55 before 14.1X55-D25, 14.2 before 14.2R4, 15.1 before 15.1R2, and 15.1X49 before 15.1X49-D10 allow remote attackers to cause a denial of service via a malformed IGMPv3 packet, aka a \"multicast denial of service.\""
{ }
"name" : "1035107", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1035107" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035107",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035107"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10714",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10714"
}
]
}
}

140
2016/1xxx/CVE-2016-1423.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-1423", "ID": "CVE-2016-1423",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco AsyncOS 8.0.2-069", "product_name": "Cisco AsyncOS 8.0.2-069",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco AsyncOS 8.0.2-069" "version_value": "Cisco AsyncOS 8.0.2-069"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the display of email messages in the Messages in Quarantine (MIQ) view in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a user to click a malicious link in the MIQ view. The malicious link could be used to facilitate a cross-site scripting (XSS) or HTML injection attack. More Information: CSCuz02235. Known Affected Releases: 8.0.2-069. Known Fixed Releases: 9.1.1-038 9.7.2-047."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "unspecified"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa4", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa4" "lang": "eng",
}, "value": "A vulnerability in the display of email messages in the Messages in Quarantine (MIQ) view in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a user to click a malicious link in the MIQ view. The malicious link could be used to facilitate a cross-site scripting (XSS) or HTML injection attack. More Information: CSCuz02235. Known Affected Releases: 8.0.2-069. Known Fixed Releases: 9.1.1-038 9.7.2-047."
{ }
"name" : "93912", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93912" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037113", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037113" "lang": "eng",
} "value": "unspecified"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa4",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-esa4"
},
{
"name": "1037113",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037113"
},
{
"name": "93912",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93912"
}
]
}
}

180
2016/4xxx/CVE-2016-4124.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-4124", "ID": "CVE-2016-4124",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083."
{ }
"name" : "MS16-083", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2016:1238", "description": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1238" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2016:1613", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2016:1621", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" "name": "1036117",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036117"
"name" : "openSUSE-SU-2016:1625", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" "name": "MS16-083",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083"
"name" : "1036117", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036117" "name": "openSUSE-SU-2016:1625",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html"
} },
} {
"name": "RHSA-2016:1238",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1238"
},
{
"name": "openSUSE-SU-2016:1621",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html"
},
{
"name": "SUSE-SU-2016:1613",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html"
}
]
}
}

140
2016/4xxx/CVE-2016-4392.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security-alert@hpe.com", "ASSIGNER": "security-alert@hpe.com",
"ID" : "CVE-2016-4392", "ID": "CVE-2016-4392",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "HP Business Service Manager", "product_name": "HP Business Service Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "v9.1x, v9.20 - v9.25IP1" "version_value": "v9.1x, v9.20 - v9.25IP1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Hewlett Packard Enterprise" "vendor_name": "Hewlett Packard Enterprise"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote cross site scripting vulnerability has been identified in HP Business Service Management software v9.1x, v9.20 - v9.25IP1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "remote cross-site scripting (XSS)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05316329", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05316329" "lang": "eng",
}, "value": "A remote cross site scripting vulnerability has been identified in HP Business Service Management software v9.1x, v9.20 - v9.25IP1."
{ }
"name" : "93933", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93933" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037127", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037127" "lang": "eng",
} "value": "remote cross-site scripting (XSS)"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05316329",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05316329"
},
{
"name": "93933",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93933"
},
{
"name": "1037127",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037127"
}
]
}
}

150
2016/4xxx/CVE-2016-4699.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-4699", "ID": "CVE-2016-4699",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "AppleUUC in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-4700."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT207170", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207170" "lang": "eng",
}, "value": "AppleUUC in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-4700."
{ }
"name" : "APPLE-SA-2016-09-20", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "93055", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93055" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1036858", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1036858" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1036858",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036858"
},
{
"name": "APPLE-SA-2016-09-20",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"name": "93055",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93055"
},
{
"name": "https://support.apple.com/HT207170",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207170"
}
]
}
}

358
2016/4xxx/CVE-2016-4839.json
View File

@ -1,184 +1,184 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-4839", "ID": "CVE-2016-4839",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Money Forward",
"version": {
"version_data": [
{
"version_value": "prior to v7.18.0"
}
]
}
},
{
"product_name": "Money Forward for The Gunma Bank",
"version": {
"version_data": [
{
"version_value": "prior to v1.2.0"
}
]
}
},
{
"product_name": "Money Forward for SHIGA BANK",
"version": {
"version_data": [
{
"version_value": "prior to v1.2.0"
}
]
}
},
{
"product_name": "Money Forward for SHIZUOKA BANK",
"version": {
"version_data": [
{
"version_value": "prior to v1.4.0"
}
]
}
},
{
"product_name": "Money Forward for SBI Sumishin Net Bank",
"version": {
"version_data": [
{
"version_value": "prior to v1.6.0"
}
]
}
},
{
"product_name": "Money Forward for Tokai Tokyo Securities",
"version": {
"version_data": [
{
"version_value": "prior to v1.4.0"
}
]
}
},
{
"product_name": "Money Forward for THE TOHO BANK",
"version": {
"version_data": [
{
"version_value": "prior to v1.3.0"
}
]
}
},
{
"product_name": "Money Forward for YMFG",
"version": {
"version_data": [
{
"version_value": "prior to v1.5.0"
}
]
}
}
]
},
"vendor_name": "Money Foward, Inc."
},
{
"product": {
"product_data": [
{
"product_name": "Money Forward for AppPass",
"version": {
"version_data": [
{
"version_value": "prior to v7.18.3"
}
]
}
},
{
"product_name": "Money Forward for au SMARTPASS",
"version": {
"version_data": [
{
"version_value": "prior to v7.18.0"
}
]
}
},
{
"product_name": "Money Forward for Chou Houdai",
"version": {
"version_data": [
{
"version_value": "prior to v7.18.3"
}
]
}
}
]
},
"vendor_name": "SOURCENEXT CORPORATION"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{ {
"product" : { "lang": "eng",
"product_data" : [ "value": "The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0), Money Forward for SBI Sumishin Net Bank (prior to v1.6.0), Money Forward for Tokai Tokyo Securities (prior to v1.4.0), Money Forward for THE TOHO BANK (prior to v1.3.0), Money Forward for YMFG (prior to v1.5.0) provided by Money Forward, Inc. and Money Forward for AppPass (prior to v7.18.3), Money Forward for au SMARTPASS (prior to v7.18.0), Money Forward for Chou Houdai (prior to v7.18.3) provided by SOURCENEXT CORPORATION do not properly implement the WebView class, which allows an attacker to disclose information stored on the device via a specially crafted application."
{ }
"product_name" : "Money Forward", ]
"version" : { },
"version_data" : [ "problemtype": {
{ "problemtype_data": [
"version_value" : "prior to v7.18.0" {
} "description": [
] {
} "lang": "eng",
}, "value": "WebView implmentation issue"
{ }
"product_name" : "Money Forward for The Gunma Bank", ]
"version" : { }
"version_data" : [ ]
{ },
"version_value" : "prior to v1.2.0" "references": {
} "reference_data": [
] {
} "name": "http://www.sourcenext.com/support/i/160725_1",
}, "refsource": "MISC",
{ "url": "http://www.sourcenext.com/support/i/160725_1"
"product_name" : "Money Forward for SHIGA BANK",
"version" : {
"version_data" : [
{
"version_value" : "prior to v1.2.0"
}
]
}
},
{
"product_name" : "Money Forward for SHIZUOKA BANK",
"version" : {
"version_data" : [
{
"version_value" : "prior to v1.4.0"
}
]
}
},
{
"product_name" : "Money Forward for SBI Sumishin Net Bank",
"version" : {
"version_data" : [
{
"version_value" : "prior to v1.6.0"
}
]
}
},
{
"product_name" : "Money Forward for Tokai Tokyo Securities",
"version" : {
"version_data" : [
{
"version_value" : "prior to v1.4.0"
}
]
}
},
{
"product_name" : "Money Forward for THE TOHO BANK",
"version" : {
"version_data" : [
{
"version_value" : "prior to v1.3.0"
}
]
}
},
{
"product_name" : "Money Forward for YMFG",
"version" : {
"version_data" : [
{
"version_value" : "prior to v1.5.0"
}
]
}
}
]
},
"vendor_name" : "Money Foward, Inc."
}, },
{ {
"product" : { "name": "93035",
"product_data" : [ "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/93035"
"product_name" : "Money Forward for AppPass", },
"version" : { {
"version_data" : [ "name": "http://corp.moneyforward.com/info/20160920-mf-android/",
{ "refsource": "CONFIRM",
"version_value" : "prior to v7.18.3" "url": "http://corp.moneyforward.com/info/20160920-mf-android/"
} },
] {
} "name": "JVN#61297210",
}, "refsource": "JVN",
{ "url": "https://jvn.jp/en/jp/JVN61297210/index.html"
"product_name" : "Money Forward for au SMARTPASS",
"version" : {
"version_data" : [
{
"version_value" : "prior to v7.18.0"
}
]
}
},
{
"product_name" : "Money Forward for Chou Houdai",
"version" : {
"version_data" : [
{
"version_value" : "prior to v7.18.3"
}
]
}
}
]
},
"vendor_name" : "SOURCENEXT CORPORATION"
} }
] ]
} }
}, }
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0), Money Forward for SBI Sumishin Net Bank (prior to v1.6.0), Money Forward for Tokai Tokyo Securities (prior to v1.4.0), Money Forward for THE TOHO BANK (prior to v1.3.0), Money Forward for YMFG (prior to v1.5.0) provided by Money Forward, Inc. and Money Forward for AppPass (prior to v7.18.3), Money Forward for au SMARTPASS (prior to v7.18.0), Money Forward for Chou Houdai (prior to v7.18.3) provided by SOURCENEXT CORPORATION do not properly implement the WebView class, which allows an attacker to disclose information stored on the device via a specially crafted application."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "WebView implmentation issue"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.sourcenext.com/support/i/160725_1",
"refsource" : "MISC",
"url" : "http://www.sourcenext.com/support/i/160725_1"
},
{
"name" : "http://corp.moneyforward.com/info/20160920-mf-android/",
"refsource" : "CONFIRM",
"url" : "http://corp.moneyforward.com/info/20160920-mf-android/"
},
{
"name" : "JVN#61297210",
"refsource" : "JVN",
"url" : "https://jvn.jp/en/jp/JVN61297210/index.html"
},
{
"name" : "93035",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93035"
}
]
}
}

140
2016/5xxx/CVE-2016-5976.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-5976", "ID": "CVE-2016-5976",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3 allows remote authenticated users to discover component passwords via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21990216", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21990216" "lang": "eng",
}, "value": "The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3 allows remote authenticated users to discover component passwords via unspecified vectors."
{ }
"name" : "93134", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93134" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "93136", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93136" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "93134",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93134"
},
{
"name": "93136",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93136"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21990216",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990216"
}
]
}
}

34
2019/0xxx/CVE-2019-0343.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0343", "ID": "CVE-2019-0343",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0872.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0872", "ID": "CVE-2019-0872",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0943.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0943", "ID": "CVE-2019-0943",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0992.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0992", "ID": "CVE-2019-0992",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3602.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3602", "ID": "CVE-2019-3602",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3636.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3636", "ID": "CVE-2019-3636",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3794.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3794", "ID": "CVE-2019-3794",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3796.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3796", "ID": "CVE-2019-3796",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4231.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4231", "ID": "CVE-2019-4231",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4542.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4542", "ID": "CVE-2019-4542",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4741.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4741", "ID": "CVE-2019-4741",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7039.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7039", "ID": "CVE-2019-7039",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7101.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7101", "ID": "CVE-2019-7101",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7611.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7611", "ID": "CVE-2019-7611",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

122
2019/8xxx/CVE-2019-8270.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vulnerability@kaspersky.com", "ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC" : "2019-03-01T00:00:00", "DATE_PUBLIC": "2019-03-01T00:00:00",
"ID" : "CVE-2019-8270", "ID": "CVE-2019-8270",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "UltraVNC", "product_name": "UltraVNC",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.2.2.3" "version_value": "1.2.2.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Kaspersky Lab" "vendor_name": "Kaspersky Lab"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1211."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-125: Out-of-bounds Read"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-017-ultravnc-out-of-bounds-read/", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-017-ultravnc-out-of-bounds-read/" "lang": "eng",
} "value": "UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1211."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-017-ultravnc-out-of-bounds-read/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-017-ultravnc-out-of-bounds-read/"
}
]
}
}

34
2019/8xxx/CVE-2019-8384.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8384", "ID": "CVE-2019-8384",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8523.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8523", "ID": "CVE-2019-8523",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8819.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8819", "ID": "CVE-2019-8819",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9206.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9206", "ID": "CVE-2019-9206",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9315.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9315", "ID": "CVE-2019-9315",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2019/9xxx/CVE-2019-9547.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9547", "ID": "CVE-2019-9547",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Storage Performance Development Kit (SPDK) before 19.01, a malicious vhost client (i.e., virtual machine) could carefully construct a circular descriptor chain that would result in a partial denial of service in the SPDK vhost target, because the vhost target did not properly detect such chains."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/spdk/spdk/commit/eca42c66092b9031711afe215fbc1891ee55f143", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/spdk/spdk/commit/eca42c66092b9031711afe215fbc1891ee55f143" "lang": "eng",
}, "value": "In Storage Performance Development Kit (SPDK) before 19.01, a malicious vhost client (i.e., virtual machine) could carefully construct a circular descriptor chain that would result in a partial denial of service in the SPDK vhost target, because the vhost target did not properly detect such chains."
{ }
"name" : "https://github.com/spdk/spdk/releases/tag/v19.01", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/spdk/spdk/releases/tag/v19.01" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/spdk/spdk/releases/tag/v19.01",
"refsource": "CONFIRM",
"url": "https://github.com/spdk/spdk/releases/tag/v19.01"
},
{
"name": "https://github.com/spdk/spdk/commit/eca42c66092b9031711afe215fbc1891ee55f143",
"refsource": "CONFIRM",
"url": "https://github.com/spdk/spdk/commit/eca42c66092b9031711afe215fbc1891ee55f143"
}
]
}
}

130
2019/9xxx/CVE-2019-9831.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9831", "ID": "CVE-2019-9831",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The AirMore application through 1.6.1 for Android allows remote attackers to cause a denial of service (system hang) via many simultaneous /?Key=PhoneRequestAuthorization requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "46381", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/46381" "lang": "eng",
}, "value": "The AirMore application through 1.6.1 for Android allows remote attackers to cause a denial of service (system hang) via many simultaneous /?Key=PhoneRequestAuthorization requests."
{ }
"name" : "https://www.youtube.com/watch?v=FJmZ_FfcdoU", ]
"refsource" : "MISC", },
"url" : "https://www.youtube.com/watch?v=FJmZ_FfcdoU" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "46381",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46381"
},
{
"name": "https://www.youtube.com/watch?v=FJmZ_FfcdoU",
"refsource": "MISC",
"url": "https://www.youtube.com/watch?v=FJmZ_FfcdoU"
}
]
}
}