admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:30:49 +00:00
parent 4b96c58fd8
commit c31544f7f1
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
62 changed files with 4017 additions and 4017 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

220
2007/0xxx/CVE-2007-0021.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0021", "ID": "CVE-2007-0021",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in Apple iChat 3.1.6 allows remote attackers to cause a denial of service (null pointer dereference and application crash) and possibly execute arbitrary code via format string specifiers in an aim:// URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://projects.info-pull.com/moab/MOAB-20-01-2007.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://projects.info-pull.com/moab/MOAB-20-01-2007.html" "lang": "eng",
}, "value": "Format string vulnerability in Apple iChat 3.1.6 allows remote attackers to cause a denial of service (null pointer dereference and application crash) and possibly execute arbitrary code via format string specifiers in an aim:// URI."
{ }
"name" : "http://docs.info.apple.com/article.html?artnum=305102", ]
"refsource" : "CONFIRM", },
"url" : "http://docs.info.apple.com/article.html?artnum=305102" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2007-02-15", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/Security-announce/2007/Feb/msg00000.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "TA07-047A", ]
"refsource" : "CERT", }
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-047A.html" ]
}, },
{ "references": {
"name" : "VU#794752", "reference_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/794752" "name": "APPLE-SA-2007-02-15",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/Security-announce/2007/Feb/msg00000.html"
"name" : "22146", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22146" "name": "http://projects.info-pull.com/moab/MOAB-20-01-2007.html",
}, "refsource": "MISC",
{ "url": "http://projects.info-pull.com/moab/MOAB-20-01-2007.html"
"name" : "ADV-2007-0274", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0274" "name": "TA07-047A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-047A.html"
"name" : "32715", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32715" "name": "24198",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24198"
"name" : "1017661", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017661" "name": "1017661",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1017661"
"name" : "24198", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24198" "name": "ichat-aim-format-string(31679)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31679"
"name" : "ichat-aim-format-string(31679)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31679" "name": "ADV-2007-0274",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/0274"
} },
} {
"name": "VU#794752",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/794752"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305102",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305102"
},
{
"name": "22146",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22146"
},
{
"name": "32715",
"refsource": "OSVDB",
"url": "http://osvdb.org/32715"
}
]
}
}

810
2007/0xxx/CVE-2007-0494.json
View File

@ -1,407 +1,407 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2007-0494", "ID": "CVE-2007-0494",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the \"DNSSEC Validation\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html" "lang": "eng",
}, "value": "ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the \"DNSSEC Validation\" vulnerability."
{ }
"name" : "[bind-announce] 20070125 Internet Systems Consortium Security Advisory.", ]
"refsource" : "MLIST", },
"url" : "http://marc.info/?l=bind-announce&m=116968519300764&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.isc.org/index.pl?/sw/bind/bind-security.php", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.isc.org/index.pl?/sw/bind/bind-security.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8", ]
"refsource" : "CONFIRM", }
"url" : "http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8" ]
}, },
{ "references": {
"name" : "http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4" "name": "SSRT061273",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495"
"name" : "https://issues.rpath.com/browse/RPL-989", },
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-989" "name": "1017573",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1017573"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-125.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-125.htm" "name": "http://docs.info.apple.com/article.html?artnum=305530",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=305530"
"name" : "http://docs.info.apple.com/article.html?artnum=305530", },
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=305530" "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
}, "refsource": "FULLDISC",
{ "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
"name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488", },
"refsource" : "CONFIRM", {
"url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488" "name": "23944",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23944"
"name" : "IY95618", },
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1IY95618" "name": "GLSA-200702-06",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200702-06.xml"
"name" : "IY95619", },
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1IY95619" "name": "24129",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24129"
"name" : "IY96144", },
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1IY96144" "name": "102969",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102969-1"
"name" : "IY96324", },
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1IY96324" "name": "24048",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24048"
"name" : "APPLE-SA-2007-05-24", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html" "name": "ADV-2007-1939",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1939"
"name" : "DSA-1254", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1254" "name": "FreeBSD-SA-07:02",
}, "refsource": "FREEBSD",
{ "url": "http://security.freebsd.org/advisories/FreeBSD-SA-07:02.bind.asc"
"name" : "FEDORA-2007-147", },
"refsource" : "FEDORA", {
"url" : "http://fedoranews.org/cms/node/2507" "name": "SSRT071304",
}, "refsource": "HP",
{ "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144"
"name" : "FEDORA-2007-164", },
"refsource" : "FEDORA", {
"url" : "http://fedoranews.org/cms/node/2537" "name": "OpenPKG-SA-2007.007",
}, "refsource": "OPENPKG",
{ "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.007.html"
"name" : "FreeBSD-SA-07:02", },
"refsource" : "FREEBSD", {
"url" : "http://security.freebsd.org/advisories/FreeBSD-SA-07:02.bind.asc" "name": "ADV-2007-3229",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3229"
"name" : "GLSA-200702-06", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200702-06.xml" "name": "NetBSD-SA2007-003",
}, "refsource": "NETBSD",
{ "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-003.txt.asc"
"name" : "HPSBTU02207", },
"refsource" : "HP", {
"url" : "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-125.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-125.htm"
"name" : "SSRT061213", },
"refsource" : "HP", {
"url" : "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" "name": "23943",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23943"
"name" : "SSRT061239", },
"refsource" : "HP", {
"url" : "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" "name": "MDKSA-2007:030",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:030"
"name" : "SSRT071304", },
"refsource" : "HP", {
"url" : "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" "name": "25482",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25482"
"name" : "HPSBUX02219", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495" "name": "RHSA-2007:0057",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0057.html"
"name" : "SSRT061273", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495" "name": "2007-0005",
}, "refsource": "TRUSTIX",
{ "url": "http://www.trustix.org/errata/2007/0005"
"name" : "MDKSA-2007:030", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:030" "name": "DSA-1254",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1254"
"name" : "NetBSD-SA2007-003", },
"refsource" : "NETBSD", {
"url" : "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-003.txt.asc" "name": "APPLE-SA-2007-05-24",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html"
"name" : "OpenPKG-SA-2007.007", },
"refsource" : "OPENPKG", {
"url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.007.html" "name": "25402",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25402"
"name" : "RHSA-2007:0044", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0044.html" "name": "bind-rrsets-dos(31838)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31838"
"name" : "RHSA-2007:0057", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0057.html" "name": "22231",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/22231"
"name" : "20070201-01-P", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc" "name": "24083",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24083"
"name" : "SSA:2007-026-01", },
"refsource" : "SLACKWARE", {
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.494157" "name": "25649",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25649"
"name" : "102969", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102969-1" "name": "RHSA-2007:0044",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0044.html"
"name" : "SUSE-SA:2007:014", },
"refsource" : "SUSE", {
"url" : "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0016.html" "name": "24284",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24284"
"name" : "2007-0005", },
"refsource" : "TRUSTIX", {
"url" : "http://www.trustix.org/errata/2007/0005" "name": "24930",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24930"
"name" : "USN-418-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-418-1" "name": "IY96144",
}, "refsource": "AIXAPAR",
{ "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY96144"
"name" : "22231", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22231" "name": "24648",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24648"
"name" : "oval:org.mitre.oval:def:11523", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11523" "name": "ADV-2007-2163",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2163"
"name" : "ADV-2007-1401", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1401" "name": "SSRT061213",
}, "refsource": "HP",
{ "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144"
"name" : "ADV-2007-1939", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1939" "name": "FEDORA-2007-164",
}, "refsource": "FEDORA",
{ "url": "http://fedoranews.org/cms/node/2537"
"name" : "ADV-2007-2002", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2002" "name": "25715",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25715"
"name" : "ADV-2007-2163", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2163" "name": "23977",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23977"
"name" : "ADV-2007-2245", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2245" "name": "oval:org.mitre.oval:def:11523",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11523"
"name" : "ADV-2007-2315", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2315" "name": "[bind-announce] 20070125 Internet Systems Consortium Security Advisory.",
}, "refsource": "MLIST",
{ "url": "http://marc.info/?l=bind-announce&m=116968519300764&w=2"
"name" : "ADV-2007-3229", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3229" "name": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8",
}, "refsource": "CONFIRM",
{ "url": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8"
"name" : "1017573", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017573" "name": "SSRT061239",
}, "refsource": "HP",
{ "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144"
"name" : "23904", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23904" "name": "26909",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26909"
"name" : "23972", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23972" "name": "ADV-2007-2002",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2002"
"name" : "23924", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23924" "name": "http://www.isc.org/index.pl?/sw/bind/bind-security.php",
}, "refsource": "CONFIRM",
{ "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
"name" : "23944", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23944" "name": "HPSBUX02219",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495"
"name" : "23943", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23943" "name": "USN-418-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-418-1"
"name" : "23974", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23974" "name": "IY95619",
}, "refsource": "AIXAPAR",
{ "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY95619"
"name" : "23977", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23977" "name": "24203",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24203"
"name" : "24054", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24054" "name": "27706",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27706"
"name" : "24014", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24014" "name": "24014",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24014"
"name" : "24083", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24083" "name": "24054",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24054"
"name" : "24048", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24048" "name": "23974",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23974"
"name" : "24129", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24129" "name": "ADV-2007-2315",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2315"
"name" : "24203", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24203" "name": "ADV-2007-2245",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2245"
"name" : "24648", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24648" "name": "SUSE-SA:2007:014",
}, "refsource": "SUSE",
{ "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0016.html"
"name" : "24950", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24950" "name": "https://issues.rpath.com/browse/RPL-989",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-989"
"name" : "24930", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24930" "name": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4",
}, "refsource": "CONFIRM",
{ "url": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4"
"name" : "25402", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25402" "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488",
}, "refsource": "CONFIRM",
{ "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488"
"name" : "25649", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25649" "name": "IY96324",
}, "refsource": "AIXAPAR",
{ "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY96324"
"name" : "25715", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25715" "name": "ADV-2007-1401",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1401"
"name" : "24284", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24284" "name": "FEDORA-2007-147",
}, "refsource": "FEDORA",
{ "url": "http://fedoranews.org/cms/node/2507"
"name" : "25482", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25482" "name": "20070201-01-P",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
"name" : "26909", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26909" "name": "IY95618",
}, "refsource": "AIXAPAR",
{ "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY95618"
"name" : "27706", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27706" "name": "23904",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23904"
"name" : "bind-rrsets-dos(31838)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31838" "name": "HPSBTU02207",
} "refsource": "HP",
] "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144"
} },
} {
"name": "23924",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23924"
},
{
"name": "SSA:2007-026-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.494157"
},
{
"name": "24950",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24950"
},
{
"name": "23972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23972"
}
]
}
}

180
2007/0xxx/CVE-2007-0628.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0628", "ID": "CVE-2007-0628",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 2005Q1 (6.3), and 7 2005Q4 (7.0) before 20070129 allow remote attackers to inject arbitrary web script or HTML via the (1) goto or (2) gx-charset parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "102621", "description_data": [
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102621-1" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 2005Q1 (6.3), and 7 2005Q4 (7.0) before 20070129 allow remote attackers to inject arbitrary web script or HTML via the (1) goto or (2) gx-charset parameter. NOTE: some of these details are obtained from third party information."
{ }
"name" : "22302", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22302" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0411", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0411" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33010", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/33010" ]
}, },
{ "references": {
"name" : "1017570", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017570" "name": "ADV-2007-0411",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0411"
"name" : "23979", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23979" "name": "1017570",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1017570"
"name" : "java-access-server-unspecified-xss(31936)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31936" "name": "23979",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/23979"
} },
} {
"name": "33010",
"refsource": "OSVDB",
"url": "http://osvdb.org/33010"
},
{
"name": "java-access-server-unspecified-xss(31936)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31936"
},
{
"name": "22302",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22302"
},
{
"name": "102621",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102621-1"
}
]
}
}

210
2007/0xxx/CVE-2007-0711.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0711", "ID": "CVE-2007-0711",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "APPLE-SA-2007-03-05", "description_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html" "lang": "eng",
}, "value": "Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP video file."
{ }
"name" : "http://docs.info.apple.com/article.html?artnum=305149", ]
"refsource" : "CONFIRM", },
"url" : "http://docs.info.apple.com/article.html?artnum=305149" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "TA07-065A", "description": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-065A.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "VU#568689", ]
"refsource" : "CERT-VN", }
"url" : "http://www.kb.cert.org/vuls/id/568689" ]
}, },
{ "references": {
"name" : "22827", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22827" "name": "ADV-2007-0825",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0825"
"name" : "ADV-2007-0825", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0825" "name": "VU#568689",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/568689"
"name" : "33905", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33905" "name": "22827",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/22827"
"name" : "1017725", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017725" "name": "33905",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/33905"
"name" : "24359", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24359" "name": "24359",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24359"
"name" : "quicktime-3gpvideo-overflow(32814)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32814" "name": "APPLE-SA-2007-03-05",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html"
} },
} {
"name": "1017725",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017725"
},
{
"name": "TA07-065A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-065A.html"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305149",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305149"
},
{
"name": "quicktime-3gpvideo-overflow(32814)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32814"
}
]
}
}

260
2007/0xxx/CVE-2007-0724.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0724", "ID": "CVE-2007-0724",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.info.apple.com/article.html?artnum=305214", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=305214" "lang": "eng",
}, "value": "The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console."
{ }
"name" : "http://docs.info.apple.com/article.html?artnum=305391", ]
"refsource" : "CONFIRM", },
"url" : "http://docs.info.apple.com/article.html?artnum=305391" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2007-03-13", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2007-04-19", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html" ]
}, },
{ "references": {
"name" : "TA07-072A", "reference_data": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" "name": "34855",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/34855"
"name" : "TA07-109A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-109A.html" "name": "24966",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24966"
"name" : "22948", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22948" "name": "TA07-072A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
"name" : "ADV-2007-0930", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0930" "name": "APPLE-SA-2007-03-13",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
"name" : "ADV-2007-1470", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1470" "name": "22948",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/22948"
"name" : "34855", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/34855" "name": "http://docs.info.apple.com/article.html?artnum=305391",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=305391"
"name" : "1017751", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017751" "name": "http://docs.info.apple.com/article.html?artnum=305214",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=305214"
"name" : "1017942", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017942" "name": "1017751",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1017751"
"name" : "24479", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24479" "name": "macos-hid-privilege-escalation(32973)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32973"
"name" : "24966", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24966" "name": "1017942",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1017942"
"name" : "macos-hid-privilege-escalation(32973)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32973" "name": "TA07-109A",
} "refsource": "CERT",
] "url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
} },
} {
"name": "ADV-2007-0930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "APPLE-SA-2007-04-19",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "ADV-2007-1470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1470"
},
{
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
}
]
}
}

170
2007/3xxx/CVE-2007-3050.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3050", "ID": "CVE-2007-3050",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Session fixation vulnerability in chameleon cms 3.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070601 [MajorSecurity Advisory #50]chameleon cms - Session fixation Issue", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/470273/100/0/threaded" "lang": "eng",
}, "value": "Session fixation vulnerability in chameleon cms 3.0 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter."
{ }
"name" : "20070607 Re: [MajorSecurity Advisory #50]chameleon cms - Session fixation Issue", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/470759/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls50", "description": [
"refsource" : "MISC", {
"url" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls50" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36912", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/36912" ]
}, },
{ "references": {
"name" : "25526", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25526" "name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls50",
}, "refsource": "MISC",
{ "url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls50"
"name" : "chameleon-phpsessid-session-hijacking(34684)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34684" "name": "36912",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/36912"
} },
} {
"name": "25526",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25526"
},
{
"name": "20070607 Re: [MajorSecurity Advisory #50]chameleon cms - Session fixation Issue",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470759/100/0/threaded"
},
{
"name": "20070601 [MajorSecurity Advisory #50]chameleon cms - Session fixation Issue",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470273/100/0/threaded"
},
{
"name": "chameleon-phpsessid-session-hijacking(34684)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34684"
}
]
}
}

190
2007/3xxx/CVE-2007-3916.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3916", "ID": "CVE-2007-3916",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete arbitrary files via a symlink attack on a skkdic$PID temporary file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://security-tracker.debian.net/tracker/CVE-2007-3916", "description_data": [
"refsource" : "MISC", {
"url" : "http://security-tracker.debian.net/tracker/CVE-2007-3916" "lang": "eng",
}, "value": "The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete arbitrary files via a symlink attack on a skkdic$PID temporary file."
{ }
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=193121", ]
"refsource" : "CONFIRM", },
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=193121" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-200710-10", "description": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200710-10.xml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25739", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/25739" ]
}, },
{ "references": {
"name" : "40557", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/40557" "name": "http://security-tracker.debian.net/tracker/CVE-2007-3916",
}, "refsource": "MISC",
{ "url": "http://security-tracker.debian.net/tracker/CVE-2007-3916"
"name" : "26866", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26866" "name": "26866",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26866"
"name" : "27247", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27247" "name": "25739",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25739"
"name" : "skktools-skkdicexpr-symlink(36699)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36699" "name": "GLSA-200710-10",
} "refsource": "GENTOO",
] "url": "http://security.gentoo.org/glsa/glsa-200710-10.xml"
} },
} {
"name": "40557",
"refsource": "OSVDB",
"url": "http://osvdb.org/40557"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=193121",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=193121"
},
{
"name": "27247",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27247"
},
{
"name": "skktools-skkdicexpr-symlink(36699)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36699"
}
]
}
}

200
2007/4xxx/CVE-2007-4440.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4440", "ID": "CVE-2007-4440",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, allows remote attackers to execute arbitrary code via a long AUTH CRAM-MD5 string. NOTE: this might overlap CVE-2006-5961."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070818 Mercury SMTPD Remote Preauth Stack Based Overrun", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-08/0341.html" "lang": "eng",
}, "value": "Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, allows remote attackers to execute arbitrary code via a long AUTH CRAM-MD5 string. NOTE: this might overlap CVE-2006-5961."
{ }
"name" : "4294", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/4294" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.pmail.com/m32_451.htm", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.pmail.com/m32_451.htm" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25357", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/25357" ]
}, },
{ "references": {
"name" : "ADV-2007-2918", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2918" "name": "26519",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26519"
"name" : "1018587", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018587" "name": "20070818 Mercury SMTPD Remote Preauth Stack Based Overrun",
}, "refsource": "FULLDISC",
{ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-08/0341.html"
"name" : "26519", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26519" "name": "ADV-2007-2918",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2918"
"name" : "mercury-smtp-bo(36117)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36117" "name": "4294",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/4294"
"name" : "mercury-authcrammd5-bo(36299)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36299" "name": "http://www.pmail.com/m32_451.htm",
} "refsource": "CONFIRM",
] "url": "http://www.pmail.com/m32_451.htm"
} },
} {
"name": "25357",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25357"
},
{
"name": "mercury-smtp-bo(36117)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36117"
},
{
"name": "1018587",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018587"
},
{
"name": "mercury-authcrammd5-bo(36299)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36299"
}
]
}
}

150
2007/4xxx/CVE-2007-4582.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4582", "ID": "CVE-2007-4582",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the nvUnifiedControl.AUnifiedControl.1 ActiveX control in nvUnifiedControl.dll 1.1.45.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allows remote attackers to execute arbitrary code via a long second argument to the SetText method."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4322", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4322" "lang": "eng",
}, "value": "Buffer overflow in the nvUnifiedControl.AUnifiedControl.1 ActiveX control in nvUnifiedControl.dll 1.1.45.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allows remote attackers to execute arbitrary code via a long second argument to the SetText method."
{ }
"name" : "25465", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25465" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "38441", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38441" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "nvr-nvunifiedcontrol-bo(36305)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36305" ]
} },
] "references": {
} "reference_data": [
} {
"name": "38441",
"refsource": "OSVDB",
"url": "http://osvdb.org/38441"
},
{
"name": "nvr-nvunifiedcontrol-bo(36305)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36305"
},
{
"name": "4322",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4322"
},
{
"name": "25465",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25465"
}
]
}
}

150
2007/4xxx/CVE-2007-4736.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4736", "ID": "CVE-2007-4736",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in category.php in CartKeeper CKGold Shopping Cart 2.0 allows remote attackers to execute arbitrary SQL commands via the category_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4349", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4349" "lang": "eng",
}, "value": "SQL injection vulnerability in category.php in CartKeeper CKGold Shopping Cart 2.0 allows remote attackers to execute arbitrary SQL commands via the category_id parameter."
{ }
"name" : "ADV-2007-3088", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2007/3088" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "38422", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38422" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ckgold-category-sql-injection(36419)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36419" ]
} },
] "references": {
} "reference_data": [
} {
"name": "4349",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4349"
},
{
"name": "38422",
"refsource": "OSVDB",
"url": "http://osvdb.org/38422"
},
{
"name": "ADV-2007-3088",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3088"
},
{
"name": "ckgold-category-sql-injection(36419)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36419"
}
]
}
}

190
2007/4xxx/CVE-2007-4907.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4907", "ID": "CVE-2007-4907",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in X-Cart allow remote attackers to execute arbitrary PHP code via a URL in the xcart_dir parameter to (1) config.php, (2) prepare.php, (3) smarty.php, (4) customer/product.php, (5) provider/auth.php, and (6) admin/auth.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4396", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4396" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in X-Cart allow remote attackers to execute arbitrary PHP code via a URL in the xcart_dir parameter to (1) config.php, (2) prepare.php, (3) smarty.php, (4) customer/product.php, (5) provider/auth.php, and (6) admin/auth.php."
{ }
"name" : "25637", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25637" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "38972", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38972" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "38973", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/38973" ]
}, },
{ "references": {
"name" : "38974", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38974" "name": "38977",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/38977"
"name" : "38976", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38976" "name": "38976",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/38976"
"name" : "38977", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38977" "name": "4396",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/4396"
"name" : "xcart-xcartdir-file-include(36574)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36574" "name": "38974",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/38974"
} },
} {
"name": "38972",
"refsource": "OSVDB",
"url": "http://osvdb.org/38972"
},
{
"name": "38973",
"refsource": "OSVDB",
"url": "http://osvdb.org/38973"
},
{
"name": "xcart-xcartdir-file-include(36574)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36574"
},
{
"name": "25637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25637"
}
]
}
}

160
2014/5xxx/CVE-2014-5459.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5459", "ID": "CVE-2014-5459",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140827 Re: CVE request: php-pear, pear's insecure /tmp/ use for cache data", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/08/27/3" "lang": "eng",
}, "value": "The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions."
{ }
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759282", ]
"refsource" : "MISC", },
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759282" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openSUSE-SU-2014:1133", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-updates/2014-09/msg00024.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2014:1245", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2014-09/msg00055.html" "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759282",
} "refsource": "MISC",
] "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759282"
} },
} {
"name": "openSUSE-SU-2014:1245",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00055.html"
},
{
"name": "[oss-security] 20140827 Re: CVE request: php-pear, pear's insecure /tmp/ use for cache data",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/08/27/3"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"name": "openSUSE-SU-2014:1133",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00024.html"
}
]
}
}

140
2014/5xxx/CVE-2014-5542.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5542", "ID": "CVE-2014-5542",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Hidden Object Mystery (aka air.com.differencegames.hodetectivemysteryfree) application 1.0.65 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Hidden Object Mystery (aka air.com.differencegames.hodetectivemysteryfree) application 1.0.65 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#638641", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/638641" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#638641",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/638641"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2014/5xxx/CVE-2014-5792.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5792", "ID": "CVE-2014-5792",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Reign of Dragons: Build-Battle (aka net.gree.android.pf.greeapp57501) application 2.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Reign of Dragons: Build-Battle (aka net.gree.android.pf.greeapp57501) application 2.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#532953", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/532953" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name": "VU#532953",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/532953"
}
]
}
}

34
2015/2xxx/CVE-2015-2356.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2356", "ID": "CVE-2015-2356",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2015/2xxx/CVE-2015-2541.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2541", "ID": "CVE-2015-2541",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2485 and CVE-2015-2491."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-428", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-428" "lang": "eng",
}, "value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2485 and CVE-2015-2491."
{ }
"name" : "MS15-094", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "76583", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76583" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033487", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033487" ]
} },
] "references": {
} "reference_data": [
} {
"name": "76583",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76583"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-428",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-428"
},
{
"name": "MS15-094",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094"
},
{
"name": "1033487",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033487"
}
]
}
}

130
2015/2xxx/CVE-2015-2772.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2772", "ID": "CVE-2015-2772",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to upload arbitrary files via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0" "lang": "eng",
}, "value": "SVM in Websense TRITON V-Series appliances before 8.0.0 allows attackers to upload arbitrary files via unspecified vectors."
{ }
"name" : "73439", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/73439" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
"refsource": "CONFIRM",
"url": "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
},
{
"name": "73439",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73439"
}
]
}
}

170
2015/2xxx/CVE-2015-2789.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2789", "ID": "CVE-2015-2789",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "36390", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/36390" "lang": "eng",
}, "value": "Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder."
{ }
"name" : "http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php", "description": [
"refsource" : "MISC", {
"url" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25", ]
"refsource" : "CONFIRM", }
"url" : "http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25" ]
}, },
{ "references": {
"name" : "73432", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73432" "name": "73432",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/73432"
"name" : "1031879", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031879" "name": "http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html",
} "refsource": "MISC",
] "url": "http://packetstormsecurity.com/files/130840/Foxit-Reader-7.0.6.1126-Privilege-Escalation.html"
} },
} {
"name": "1031879",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031879"
},
{
"name": "http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25",
"refsource": "CONFIRM",
"url": "http://www.foxitsoftware.com/support/security_bulletins.php#FRD-25"
},
{
"name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php",
"refsource": "MISC",
"url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5235.php"
},
{
"name": "36390",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/36390"
}
]
}
}

130
2015/6xxx/CVE-2015-6074.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-6074", "ID": "CVE-2015-6074",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6066, CVE-2015-6070, CVE-2015-6071, CVE-2015-6076, and CVE-2015-6087."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-112", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" "lang": "eng",
}, "value": "Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6066, CVE-2015-6070, CVE-2015-6071, CVE-2015-6076, and CVE-2015-6087."
{ }
"name" : "1034112", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034112" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034112",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034112"
},
{
"name": "MS15-112",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112"
}
]
}
}

140
2015/6xxx/CVE-2015-6250.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6250", "ID": "CVE-2015-6250",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "simple-php-captcha before commit 9d65a945029c7be7bb6bc893759e74c5636be694 allows remote attackers to automatically generate the captcha response by running the same code on the client-side."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150817 Re: CVE request - simple-php-captcha - captcha bypass vulnerability", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/08/17/7" "lang": "eng",
}, "value": "simple-php-captcha before commit 9d65a945029c7be7bb6bc893759e74c5636be694 allows remote attackers to automatically generate the captcha response by running the same code on the client-side."
{ }
"name" : "https://github.com/claviska/simple-php-captcha/commit/9d65a945029c7be7bb6bc893759e74c5636be694", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/claviska/simple-php-captcha/commit/9d65a945029c7be7bb6bc893759e74c5636be694" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/claviska/simple-php-captcha/issues/16", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/claviska/simple-php-captcha/issues/16" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/claviska/simple-php-captcha/issues/16",
"refsource": "CONFIRM",
"url": "https://github.com/claviska/simple-php-captcha/issues/16"
},
{
"name": "[oss-security] 20150817 Re: CVE request - simple-php-captcha - captcha bypass vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/08/17/7"
},
{
"name": "https://github.com/claviska/simple-php-captcha/commit/9d65a945029c7be7bb6bc893759e74c5636be694",
"refsource": "CONFIRM",
"url": "https://github.com/claviska/simple-php-captcha/commit/9d65a945029c7be7bb6bc893759e74c5636be694"
}
]
}
}

120
2015/6xxx/CVE-2015-6488.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-6488", "ID": "CVE-2015-6488",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the web server on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-03", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-03" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in the web server on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-03"
}
]
}
}

190
2015/6xxx/CVE-2015-6581.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2015-6581", "ID": "CVE-2015-6581",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 45.0.2454.85, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering a memory-allocation failure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html" "lang": "eng",
}, "value": "Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 45.0.2454.85, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering a memory-allocation failure."
{ }
"name" : "https://code.google.com/p/chromium/issues/detail?id=486538", ]
"refsource" : "CONFIRM", },
"url" : "https://code.google.com/p/chromium/issues/detail?id=486538" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://code.google.com/p/chromium/issues/detail?id=526825", "description": [
"refsource" : "CONFIRM", {
"url" : "https://code.google.com/p/chromium/issues/detail?id=526825" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://code.google.com/p/openjpeg/issues/detail?id=492", ]
"refsource" : "CONFIRM", }
"url" : "https://code.google.com/p/openjpeg/issues/detail?id=492" ]
}, },
{ "references": {
"name" : "DSA-3665", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3665" "name": "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html",
}, "refsource": "CONFIRM",
{ "url": "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html"
"name" : "FEDORA-2015-1c9ed24c61", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169258.html" "name": "1033472",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033472"
"name" : "FEDORA-2015-773ef285ef", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168736.html" "name": "https://code.google.com/p/chromium/issues/detail?id=486538",
}, "refsource": "CONFIRM",
{ "url": "https://code.google.com/p/chromium/issues/detail?id=486538"
"name" : "1033472", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033472" "name": "https://code.google.com/p/chromium/issues/detail?id=526825",
} "refsource": "CONFIRM",
] "url": "https://code.google.com/p/chromium/issues/detail?id=526825"
} },
} {
"name": "https://code.google.com/p/openjpeg/issues/detail?id=492",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/openjpeg/issues/detail?id=492"
},
{
"name": "FEDORA-2015-1c9ed24c61",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169258.html"
},
{
"name": "FEDORA-2015-773ef285ef",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168736.html"
},
{
"name": "DSA-3665",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3665"
}
]
}
}

130
2015/6xxx/CVE-2015-6747.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6747", "ID": "CVE-2015-6747",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Basware Banking (Maksuliikenne) 8.90.07.X does not properly prevent access to private keys, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 due to different vulnerability types. NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-6746."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150727 Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2015/Jul/120" "lang": "eng",
}, "value": "Basware Banking (Maksuliikenne) 8.90.07.X does not properly prevent access to private keys, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 due to different vulnerability types. NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-6746."
{ }
"name" : "https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2015/haavoittuvuus-2015-018.html", ]
"refsource" : "MISC", },
"url" : "https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2015/haavoittuvuus-2015-018.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150727 Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Jul/120"
},
{
"name": "https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2015/haavoittuvuus-2015-018.html",
"refsource": "MISC",
"url": "https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2015/haavoittuvuus-2015-018.html"
}
]
}
}

34
2015/6xxx/CVE-2015-6917.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6917", "ID": "CVE-2015-6917",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2015/7xxx/CVE-2015-7094.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-7094", "ID": "CVE-2015-7094",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT205635", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205635" "lang": "eng",
}, "value": "CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle attackers to bypass the HSTS protection mechanism via a crafted URL."
{ }
"name" : "https://support.apple.com/HT205637", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT205637" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2015-12-08-1", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-12-08-3", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" ]
}, },
{ "references": {
"name" : "1034344", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034344" "name": "https://support.apple.com/HT205635",
} "refsource": "CONFIRM",
] "url": "https://support.apple.com/HT205635"
} },
} {
"name": "https://support.apple.com/HT205637",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205637"
},
{
"name": "1034344",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034344"
},
{
"name": "APPLE-SA-2015-12-08-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
},
{
"name": "APPLE-SA-2015-12-08-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html"
}
]
}
}

140
2015/7xxx/CVE-2015-7617.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-7617", "ID": "CVE-2015-7617",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code by leveraging improper EScript exception handling, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, and CVE-2015-7621."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-492", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-492" "lang": "eng",
}, "value": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code by leveraging improper EScript exception handling, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, and CVE-2015-7621."
{ }
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1033796", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033796" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-492",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-492"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"name": "1033796",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033796"
}
]
}
}

130
2015/7xxx/CVE-2015-7996.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7996", "ID": "CVE-2015-7996",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow attackers to obtain credentials via the browser cache."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.citrix.com/article/CTX202482", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.citrix.com/article/CTX202482" "lang": "eng",
}, "value": "The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow attackers to obtain credentials via the browser cache."
{ }
"name" : "1034167", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034167" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034167",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034167"
},
{
"name": "http://support.citrix.com/article/CTX202482",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX202482"
}
]
}
}

190
2016/0xxx/CVE-2016-0749.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-0749", "ID": "CVE-2016-0749",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" "lang": "eng",
}, "value": "The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow."
{ }
"name" : "DSA-3596", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2016/dsa-3596" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201606-05", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201606-05" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2016:1204", ]
"refsource" : "REDHAT", }
"url" : "https://access.redhat.com/errata/RHSA-2016:1204" ]
}, },
{ "references": {
"name" : "RHSA-2016:1205", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1205" "name": "GLSA-201606-05",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201606-05"
"name" : "openSUSE-SU-2016:1725", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-07/msg00003.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
"name" : "openSUSE-SU-2016:1726", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-07/msg00004.html" "name": "openSUSE-SU-2016:1725",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00003.html"
"name" : "USN-3014-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3014-1" "name": "USN-3014-1",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-3014-1"
} },
} {
"name": "openSUSE-SU-2016:1726",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00004.html"
},
{
"name": "RHSA-2016:1205",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1205"
},
{
"name": "DSA-3596",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3596"
},
{
"name": "RHSA-2016:1204",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1204"
}
]
}
}

290
2016/0xxx/CVE-2016-0755.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-0755", "ID": "CVE-2016-0755",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/135695/Slackware-Security-Advisory-curl-Updates.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/135695/Slackware-Security-Advisory-curl-Updates.html" "lang": "eng",
}, "value": "The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015."
{ }
"name" : "http://curl.haxx.se/docs/adv_20160127A.html", ]
"refsource" : "CONFIRM", },
"url" : "http://curl.haxx.se/docs/adv_20160127A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT207170", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207170" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2016-09-20", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" "name": "FEDORA-2016-57bebab3b6",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176413.html"
"name" : "DSA-3455", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3455" "name": "http://packetstormsecurity.com/files/135695/Slackware-Security-Advisory-curl-Updates.html",
}, "refsource": "MISC",
{ "url": "http://packetstormsecurity.com/files/135695/Slackware-Security-Advisory-curl-Updates.html"
"name" : "FEDORA-2016-3fa315a5dd", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176546.html" "name": "openSUSE-SU-2016:0360",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00031.html"
"name" : "FEDORA-2016-57bebab3b6", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176413.html" "name": "FEDORA-2016-3fa315a5dd",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176546.html"
"name" : "FEDORA-2016-55137a3adb", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177342.html" "name": "APPLE-SA-2016-09-20",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
"name" : "FEDORA-2016-5a141de5d9", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177383.html" "name": "http://curl.haxx.se/docs/adv_20160127A.html",
}, "refsource": "CONFIRM",
{ "url": "http://curl.haxx.se/docs/adv_20160127A.html"
"name" : "GLSA-201701-47", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-47" "name": "SSA:2016-039-01",
}, "refsource": "SLACKWARE",
{ "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.519965"
"name" : "SSA:2016-039-01", },
"refsource" : "SLACKWARE", {
"url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.519965" "name": "DSA-3455",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3455"
"name" : "openSUSE-SU-2016:0360", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00031.html" "name": "openSUSE-SU-2016:0376",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00047.html"
"name" : "openSUSE-SU-2016:0373", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00044.html" "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
"name" : "openSUSE-SU-2016:0376", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00047.html" "name": "82307",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/82307"
"name" : "USN-2882-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2882-1" "name": "https://support.apple.com/HT207170",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT207170"
"name" : "82307", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/82307" "name": "openSUSE-SU-2016:0373",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00044.html"
"name" : "1034882", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034882" "name": "1034882",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1034882"
} },
} {
"name": "FEDORA-2016-5a141de5d9",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177383.html"
},
{
"name": "USN-2882-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2882-1"
},
{
"name": "GLSA-201701-47",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-47"
},
{
"name": "FEDORA-2016-55137a3adb",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177342.html"
}
]
}
}

130
2016/0xxx/CVE-2016-0849.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-0849", "ID": "CVE-2016-0849",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26960931."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-04-02.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-04-02.html" "lang": "eng",
}, "value": "Multiple integer overflows in minzip/SysUtil.c in the Recovery Procedure in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26960931."
{ }
"name" : "https://android.googlesource.com/platform/bootable/recovery/+/28a566f7731b4cb76d2a9ba16d997ac5aeb07dad", ]
"refsource" : "CONFIRM", },
"url" : "https://android.googlesource.com/platform/bootable/recovery/+/28a566f7731b4cb76d2a9ba16d997ac5aeb07dad" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://android.googlesource.com/platform/bootable/recovery/+/28a566f7731b4cb76d2a9ba16d997ac5aeb07dad",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/bootable/recovery/+/28a566f7731b4cb76d2a9ba16d997ac5aeb07dad"
},
{
"name": "http://source.android.com/security/bulletin/2016-04-02.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-04-02.html"
}
]
}
}

34
2016/1000xxx/CVE-2016-1000195.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1000195", "ID": "CVE-2016-1000195",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2016/10xxx/CVE-2016-10102.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10102", "ID": "CVE-2016-10102",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. This allows an attacker to retrieve the encrypted passwords from sshProfiles.jsd and encryptionProfiles.jsd and decrypt them to recover cleartext passwords. All 10.x up to and including 10.25 and all 11.x up to and including 11.14 are verified to be affected."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://rastamouse.me/guff/2016/automize/", "description_data": [
"refsource" : "MISC", {
"url" : "https://rastamouse.me/guff/2016/automize/" "lang": "eng",
}, "value": "hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. This allows an attacker to retrieve the encrypted passwords from sshProfiles.jsd and encryptionProfiles.jsd and decrypt them to recover cleartext passwords. All 10.x up to and including 10.25 and all 11.x up to and including 11.14 are verified to be affected."
{ }
"name" : "96848", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/96848" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://rastamouse.me/guff/2016/automize/",
"refsource": "MISC",
"url": "https://rastamouse.me/guff/2016/automize/"
},
{
"name": "96848",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96848"
}
]
}
}

180
2016/10xxx/CVE-2016-10146.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2016-10146", "ID": "CVE-2016-10146",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2017/01/16/6" "lang": "eng",
}, "value": "Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors."
{ }
"name" : "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2017/01/17/5" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851380", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851380" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456" ]
}, },
{ "references": {
"name" : "DSA-3799", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3799" "name": "[oss-security] 20170116 CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2017/01/16/6"
"name" : "GLSA-201702-09", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201702-09" "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851380",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851380"
"name" : "95744", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95744" "name": "GLSA-201702-09",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201702-09"
} },
} {
"name": "95744",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95744"
},
{
"name": "DSA-3799",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3799"
},
{
"name": "https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456"
},
{
"name": "[oss-security] 20170116 Re: CVE Request: Imagemagick: various flaws: memory corruption, out-of-bounds writes, memory leaks, double-frees, off-by-one errors",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/17/5"
}
]
}
}

132
2016/10xxx/CVE-2016-10551.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2016-10551", "ID": "CVE-2016-10551",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "waterline-sequel node module", "product_name": "waterline-sequel node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "0.5.0" "version_value": "0.5.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "waterline-sequel is a module that helps generate SQL statements for Waterline apps Any user input that goes into Waterline's `like`, `contains`, `startsWith`, or `endsWith` will end up in waterline-sequel with the potential for malicious code. A malicious user can input their own SQL statements in waterline-sequel 0.50 that will get executed and have full access to the database."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "SQL Injection (CWE-89)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/balderdashy/waterline/issues/1219#issuecomment-157294530", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/balderdashy/waterline/issues/1219#issuecomment-157294530" "lang": "eng",
}, "value": "waterline-sequel is a module that helps generate SQL statements for Waterline apps Any user input that goes into Waterline's `like`, `contains`, `startsWith`, or `endsWith` will end up in waterline-sequel with the potential for malicious code. A malicious user can input their own SQL statements in waterline-sequel 0.50 that will get executed and have full access to the database."
{ }
"name" : "https://nodesecurity.io/advisories/115", ]
"refsource" : "MISC", },
"url" : "https://nodesecurity.io/advisories/115" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "SQL Injection (CWE-89)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/balderdashy/waterline/issues/1219#issuecomment-157294530",
"refsource": "MISC",
"url": "https://github.com/balderdashy/waterline/issues/1219#issuecomment-157294530"
},
{
"name": "https://nodesecurity.io/advisories/115",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/115"
}
]
}
}

122
2016/10xxx/CVE-2016-10621.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2016-10621", "ID": "CVE-2016-10621",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "fibjs node module", "product_name": "fibjs node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions" "version_value": "All versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "fibjs is a runtime for javascript applictions built on google v8 JS. fibjs downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Missing Encryption of Sensitive Data (CWE-311)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://nodesecurity.io/advisories/217", "description_data": [
"refsource" : "MISC", {
"url" : "https://nodesecurity.io/advisories/217" "lang": "eng",
} "value": "fibjs is a runtime for javascript applictions built on google v8 JS. fibjs downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Encryption of Sensitive Data (CWE-311)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodesecurity.io/advisories/217",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/217"
}
]
}
}

170
2016/1xxx/CVE-2016-1821.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-1821", "ID": "CVE-2016-1821",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IOAudioFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "39926", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/39926/" "lang": "eng",
}, "value": "IOAudioFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app."
{ }
"name" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=776", ]
"refsource" : "MISC", },
"url" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=776" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT206567", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT206567" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2016-05-16-4", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" ]
}, },
{ "references": {
"name" : "90696", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/90696" "name": "https://support.apple.com/HT206567",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT206567"
"name" : "1035895", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035895" "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=776",
} "refsource": "MISC",
] "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=776"
} },
} {
"name": "APPLE-SA-2016-05-16-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
},
{
"name": "90696",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90696"
},
{
"name": "39926",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39926/"
},
{
"name": "1035895",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035895"
}
]
}
}

170
2016/4xxx/CVE-2016-4698.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-4698", "ID": "CVE-2016-4698",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "AppleMobileFileIntegrity in Apple iOS before 10 and OS X before 10.12 mishandles process entitlement and Team ID values in the task port inheritance policy, which allows attackers to execute arbitrary code in a privileged context via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT207143", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207143" "lang": "eng",
}, "value": "AppleMobileFileIntegrity in Apple iOS before 10 and OS X before 10.12 mishandles process entitlement and Team ID values in the task port inheritance policy, which allows attackers to execute arbitrary code in a privileged context via a crafted app."
{ }
"name" : "https://support.apple.com/HT207170", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT207170" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2016-09-20", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2016-09-20-3", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" ]
}, },
{ "references": {
"name" : "93056", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93056" "name": "1036858",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036858"
"name" : "1036858", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036858" "name": "APPLE-SA-2016-09-20",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
} },
} {
"name": "APPLE-SA-2016-09-20-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html"
},
{
"name": "93056",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93056"
},
{
"name": "https://support.apple.com/HT207170",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207170"
},
{
"name": "https://support.apple.com/HT207143",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207143"
}
]
}
}

150
2016/4xxx/CVE-2016-4727.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-4727", "ID": "CVE-2016-4727",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IOThunderboltFamily in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT207170", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207170" "lang": "eng",
}, "value": "IOThunderboltFamily in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
{ }
"name" : "APPLE-SA-2016-09-20", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "93055", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93055" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1036858", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1036858" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1036858",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036858"
},
{
"name": "APPLE-SA-2016-09-20",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"name": "93055",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93055"
},
{
"name": "https://support.apple.com/HT207170",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207170"
}
]
}
}

190
2016/4xxx/CVE-2016-4797.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4797", "ID": "CVE-2016-4797",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for CVE-2014-7947."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160512 Re: CVE Request - OpenJPEG: Security Fixes", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/05/13/2" "lang": "eng",
}, "value": "Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for CVE-2014-7947."
{ }
"name" : "https://github.com/uclouvain/openjpeg/issues/733", ]
"refsource" : "MISC", },
"url" : "https://github.com/uclouvain/openjpeg/issues/733" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1335483", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1335483" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c" ]
}, },
{ "references": {
"name" : "FEDORA-2016-14d8f9b4ed", "reference_data": [
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5FFMOZOF2EI6N2CR23EQ5EATWLQKBMHW/" "name": "FEDORA-2016-14d8f9b4ed",
}, "refsource": "FEDORA",
{ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5FFMOZOF2EI6N2CR23EQ5EATWLQKBMHW/"
"name" : "FEDORA-2016-8fa7ced365", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BJM23YERMEC6LCTWBUH7LZURGSLZDFDH/" "name": "FEDORA-2016-abdc548f46",
}, "refsource": "FEDORA",
{ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPMDEUIMHTLKMHELDL4F4HZ7X4Y34JEB/"
"name" : "FEDORA-2016-abdc548f46", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPMDEUIMHTLKMHELDL4F4HZ7X4Y34JEB/" "name": "https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/uclouvain/openjpeg/commit/8f9cc62b3f9a1da9712329ddcedb9750d585505c"
"name" : "FEDORA-2016-d2ab705e4a", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFRD35RIPRCGZA5DKAKHZ62LMP2A5UT7/" "name": "FEDORA-2016-8fa7ced365",
} "refsource": "FEDORA",
] "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BJM23YERMEC6LCTWBUH7LZURGSLZDFDH/"
} },
} {
"name": "FEDORA-2016-d2ab705e4a",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFRD35RIPRCGZA5DKAKHZ62LMP2A5UT7/"
},
{
"name": "[oss-security] 20160512 Re: CVE Request - OpenJPEG: Security Fixes",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/13/2"
},
{
"name": "https://github.com/uclouvain/openjpeg/issues/733",
"refsource": "MISC",
"url": "https://github.com/uclouvain/openjpeg/issues/733"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1335483",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335483"
}
]
}
}

160
2016/9xxx/CVE-2016-9192.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-9192", "ID": "CVE-2016-9192",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco AnyConnect Secure Mobility Client", "product_name": "Cisco AnyConnect Secure Mobility Client",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco AnyConnect Secure Mobility Client" "version_value": "Cisco AnyConnect Secure Mobility Client"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. More Information: CSCvb68043. Known Affected Releases: 4.3(2039) 4.3(748). Known Fixed Releases: 4.3(4019) 4.4(225)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "unspecified"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/nettitude/PoshC2/blob/master/Modules/CVE-2016-9192.ps1", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/nettitude/PoshC2/blob/master/Modules/CVE-2016-9192.ps1" "lang": "eng",
}, "value": "A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. More Information: CSCvb68043. Known Affected Releases: 4.3(2039) 4.3(748). Known Fixed Releases: 4.3(4019) 4.4(225)."
{ }
"name" : "https://github.com/serializingme/cve-2016-9192", ]
"refsource" : "MISC", },
"url" : "https://github.com/serializingme/cve-2016-9192" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-anyconnect1", "description": [
"refsource" : "CONFIRM", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-anyconnect1" "lang": "eng",
}, "value": "unspecified"
{ }
"name" : "94770", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/94770" ]
}, },
{ "references": {
"name" : "1037409", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037409" "name": "https://github.com/serializingme/cve-2016-9192",
} "refsource": "MISC",
] "url": "https://github.com/serializingme/cve-2016-9192"
} },
} {
"name": "https://github.com/nettitude/PoshC2/blob/master/Modules/CVE-2016-9192.ps1",
"refsource": "MISC",
"url": "https://github.com/nettitude/PoshC2/blob/master/Modules/CVE-2016-9192.ps1"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-anyconnect1",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-anyconnect1"
},
{
"name": "1037409",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037409"
},
{
"name": "94770",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94770"
}
]
}
}

34
2019/2xxx/CVE-2019-2027.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2027", "ID": "CVE-2019-2027",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2810.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2810", "ID": "CVE-2019-2810",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3333.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3333", "ID": "CVE-2019-3333",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

166
2019/3xxx/CVE-2019-3784.json
View File

@ -1,85 +1,85 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@dell.com", "ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC" : "2019-02-19T17:15:40.000Z", "DATE_PUBLIC": "2019-02-19T17:15:40.000Z",
"ID" : "CVE-2019-3784", "ID": "CVE-2019-3784",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Cloud Foundry Stratos contains a Session Collision Vulnerability" "TITLE": "Cloud Foundry Stratos contains a Session Collision Vulnerability"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Stratos", "product_name": "Stratos",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_name" : "All", "version_name": "All",
"version_value" : "2.3.0" "version_value": "2.3.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cloud Foundry" "vendor_name": "Cloud Foundry"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure session that can be spoofed. When deployed on cloud foundry with multiple instances using the default embedded SQLite database, a remote authenticated malicious user can switch sessions to another user with the same session id."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "HIGH",
"attackVector" : "NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 8.2,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "LOW",
"scope" : "CHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-384: Session Fixation"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.cloudfoundry.org/blog/cve-2019-3784", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.cloudfoundry.org/blog/cve-2019-3784" "lang": "eng",
} "value": "Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure session that can be spoofed. When deployed on cloud foundry with multiple instances using the default embedded SQLite database, a remote authenticated malicious user can switch sessions to another user with the same session id."
] }
}, ]
"source" : { },
"discovery" : "UNKNOWN" "impact": {
} "cvss": {
} "attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-384: Session Fixation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cloudfoundry.org/blog/cve-2019-3784",
"refsource": "CONFIRM",
"url": "https://www.cloudfoundry.org/blog/cve-2019-3784"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

34
2019/3xxx/CVE-2019-3856.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3856", "ID": "CVE-2019-3856",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3999.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3999", "ID": "CVE-2019-3999",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6141.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6141", "ID": "CVE-2019-6141",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2019/6xxx/CVE-2019-6256.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6256", "ID": "CVE-2019-6256",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request within the same TCP session. This occurs because of a call to an incorrect virtual function pointer in the readSocket function in GroupsockHelper.cpp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20190226 [SECURITY] [DLA 1690-1] liblivemedia security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00037.html" "lang": "eng",
}, "value": "A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request within the same TCP session. This occurs because of a call to an incorrect virtual function pointer in the readSocket function in GroupsockHelper.cpp."
{ }
"name" : "https://github.com/rgaufman/live555/issues/19", ]
"refsource" : "MISC", },
"url" : "https://github.com/rgaufman/live555/issues/19" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20190226 [SECURITY] [DLA 1690-1] liblivemedia security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00037.html"
},
{
"name": "https://github.com/rgaufman/live555/issues/19",
"refsource": "MISC",
"url": "https://github.com/rgaufman/live555/issues/19"
}
]
}
}

120
2019/6xxx/CVE-2019-6290.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6290", "ID": "CVE-2019-6290",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392548", "description_data": [
"refsource" : "MISC", {
"url" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392548" "lang": "eng",
} "value": "An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02. There is a stack exhaustion problem resulting from infinite recursion in the functions expr, rexp, bexpr and cexpr in certain scenarios involving lots of '{' characters. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted asm file."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.nasm.us/show_bug.cgi?id=3392548",
"refsource": "MISC",
"url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392548"
}
]
}
}

34
2019/6xxx/CVE-2019-6425.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6425", "ID": "CVE-2019-6425",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6636.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6636", "ID": "CVE-2019-6636",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7082.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7082", "ID": "CVE-2019-7082",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7495.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7495", "ID": "CVE-2019-7495",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7516.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7516", "ID": "CVE-2019-7516",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7967.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7967", "ID": "CVE-2019-7967",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8460.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8460", "ID": "CVE-2019-8460",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8539.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8539", "ID": "CVE-2019-8539",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8662.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8662", "ID": "CVE-2019-8662",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9379.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9379", "ID": "CVE-2019-9379",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9541.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9541", "ID": "CVE-2019-9541",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2019/9xxx/CVE-2019-9623.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9623", "ID": "CVE-2019-9623",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code via \"<!--#exec cmd=\" in a .shtml file to ck_upload_handler.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "46471", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/46471" "lang": "eng",
}, "value": "Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code via \"<!--#exec cmd=\" in a .shtml file to ck_upload_handler.php."
{ }
"name" : "https://pentest.com.tr/exploits/Feng-Office-3-7-0-5-Unauthenticated-Remote-Command-Execution-Metasploit.html", ]
"refsource" : "MISC", },
"url" : "https://pentest.com.tr/exploits/Feng-Office-3-7-0-5-Unauthenticated-Remote-Command-Execution-Metasploit.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "46471",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46471"
},
{
"name": "https://pentest.com.tr/exploits/Feng-Office-3-7-0-5-Unauthenticated-Remote-Command-Execution-Metasploit.html",
"refsource": "MISC",
"url": "https://pentest.com.tr/exploits/Feng-Office-3-7-0-5-Unauthenticated-Remote-Command-Execution-Metasploit.html"
}
]
}
}

34
2019/9xxx/CVE-2019-9723.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9723", "ID": "CVE-2019-9723",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }