admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 01:36:08 +00:00
parent ac2bf6d048
commit c488bd3ff3
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
64 changed files with 3544 additions and 3544 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
2007/0xxx/CVE-2007-0317.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0317",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0317",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted arguments. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted arguments. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=477793&group_id=21558",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=477793&group_id=21558"
"name": "http://sourceforge.net/project/shownotes.php?release_id=477793&group_id=21558",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=477793&group_id=21558"
},
{
"name" : "22063",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22063"
"name": "22063",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22063"
},
{
"name" : "ADV-2007-0182",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0182"
"name": "ADV-2007-0182",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0182"
},
{
"name" : "filezilla-logmessage-format-string(31497)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31497"
"name": "filezilla-logmessage-format-string(31497)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31497"
}
]
}

86
2007/0xxx/CVE-2007-0518.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0518",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0518",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Scriptsez Smart PHP Subscriber (aka subscribe) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain encoded passwords via a direct request for pwd.txt."
"lang": "eng",
"value": "Scriptsez Smart PHP Subscriber (aka subscribe) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain encoded passwords via a direct request for pwd.txt."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070123 subscribe (pwd.txt) Remote Password Disclosur",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/457852/100/0/threaded"
"name": "23886",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23886"
},
{
"name" : "32946",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32946"
"name": "2183",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2183"
},
{
"name" : "23886",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23886"
"name": "32946",
"refsource": "OSVDB",
"url": "http://osvdb.org/32946"
},
{
"name" : "2183",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2183"
"name": "subscriber-pwd-information-disclosure(31701)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31701"
},
{
"name" : "subscriber-pwd-information-disclosure(31701)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31701"
"name": "20070123 subscribe (pwd.txt) Remote Password Disclosur",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/457852/100/0/threaded"
}
]
}

74
2007/0xxx/CVE-2007-0545.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0545",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0545",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Maxtricity Tagger 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for tagger.mdb."
"lang": "eng",
"value": "Maxtricity Tagger 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for tagger.mdb."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070124 Maxtricity Tagger Password Disclosure Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/457953/100/0/threaded"
"name": "2214",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2214"
},
{
"name" : "33577",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33577"
"name": "33577",
"refsource": "OSVDB",
"url": "http://osvdb.org/33577"
},
{
"name" : "2214",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2214"
"name": "20070124 Maxtricity Tagger Password Disclosure Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/457953/100/0/threaded"
}
]
}

86
2007/0xxx/CVE-2007-0708.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0708",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0708",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) before 2.4.16.174 does not validate arguments that originate in user mode for the (1) NtConnectPort and (2) NtCreatePort hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments."
"lang": "eng",
"value": "cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) before 2.4.16.174 does not validate arguments that originate in user mode for the (1) NtConnectPort and (2) NtCreatePort hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070201 Comodo Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/458773/100/0/threaded"
"name": "comodofirewallpro-cmdmon-dos(32059)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32059"
},
{
"name" : "http://www.matousec.com/info/advisories/Comodo-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
"refsource" : "MISC",
"url" : "http://www.matousec.com/info/advisories/Comodo-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
"name": "22357",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22357"
},
{
"name" : "22357",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22357"
"name": "20070201 Comodo Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458773/100/0/threaded"
},
{
"name" : "1017580",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017580"
"name": "1017580",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017580"
},
{
"name" : "comodofirewallpro-cmdmon-dos(32059)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32059"
"name": "http://www.matousec.com/info/advisories/Comodo-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Comodo-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
}
]
}

134
2007/0xxx/CVE-2007-0940.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0940",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2007-0940",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka the \"CAPICOM.Certificates Vulnerability.\""
"lang": "eng",
"value": "Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka the \"CAPICOM.Certificates Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "HPSBST02214",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
"name": "HPSBST02214",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
},
{
"name" : "SSRT071422",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
"name": "SSRT071422",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
},
{
"name" : "MS07-028",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-028"
"name": "ADV-2007-1713",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1713"
},
{
"name" : "TA07-128A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-128A.html"
"name": "VU#866305",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/866305"
},
{
"name" : "VU#866305",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/866305"
"name": "TA07-128A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html"
},
{
"name" : "23782",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23782"
"name": "oval:org.mitre.oval:def:1670",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1670"
},
{
"name" : "ADV-2007-1713",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1713"
"name": "25185",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25185"
},
{
"name" : "34397",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34397"
"name": "ms-capicom-code-execution(32739)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32739"
},
{
"name" : "oval:org.mitre.oval:def:1670",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1670"
"name": "1018016",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018016"
},
{
"name" : "1018016",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018016"
"name": "MS07-028",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-028"
},
{
"name" : "1018017",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018017"
"name": "34397",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34397"
},
{
"name" : "25185",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25185"
"name": "1018017",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018017"
},
{
"name" : "ms-capicom-code-execution(32739)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32739"
"name": "23782",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23782"
}
]
}

86
2007/1xxx/CVE-2007-1103.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1103",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1103",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Tor does not verify a node's uptime and bandwidth advertisements, which allows remote attackers who operate a low resource node to make false claims of greater resources, which places the node into use for many circuits and compromises the anonymity of traffic sources and destinations."
"lang": "eng",
"value": "Tor does not verify a node's uptime and bandwidth advertisements, which allows remote attackers who operate a low resource node to make false claims of greater resources, which places the node into use for many circuits and compromises the anonymity of traffic sources and destinations."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[or-talk] 20070225 \"Low-Resource Routing Attacks Against Anonymous Systems\"",
"refsource" : "MLIST",
"url" : "http://archives.seul.org/or/talk/Feb-2007/msg00197.html"
"name": "[or-talk] 20070225 \"Low-Resource Routing Attacks Against Anonymous Systems\"",
"refsource": "MLIST",
"url": "http://archives.seul.org/or/talk/Feb-2007/msg00197.html"
},
{
"name" : "[or-talk] 20070225 Re: \"Low-Resource Routing Attacks Against Anonymous Systems\"",
"refsource" : "MLIST",
"url" : "http://archives.seul.org/or/talk/Feb-2007/msg00200.html"
"name": "[or-talk] 20070225 Re: ISP controlling entry/exti (\"Low-Resource Routing Attacks Against Anonymous Systems\")",
"refsource": "MLIST",
"url": "http://archives.seul.org/or/talk/Feb-2007/msg00202.html"
},
{
"name" : "[or-talk] 20070225 Re: ISP controlling entry/exti (\"Low-Resource Routing Attacks Against Anonymous Systems\")",
"refsource" : "MLIST",
"url" : "http://archives.seul.org/or/talk/Feb-2007/msg00202.html"
"name": "http://www.cs.colorado.edu/department/publications/reports/docs/CU-CS-1025-07.pdf",
"refsource": "MISC",
"url": "http://www.cs.colorado.edu/department/publications/reports/docs/CU-CS-1025-07.pdf"
},
{
"name" : "http://www.cs.colorado.edu/department/publications/reports/docs/CU-CS-1025-07.pdf",
"refsource" : "MISC",
"url" : "http://www.cs.colorado.edu/department/publications/reports/docs/CU-CS-1025-07.pdf"
"name": "[or-talk] 20070225 Re: \"Low-Resource Routing Attacks Against Anonymous Systems\"",
"refsource": "MLIST",
"url": "http://archives.seul.org/or/talk/Feb-2007/msg00200.html"
},
{
"name" : "45249",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/45249"
"name": "45249",
"refsource": "OSVDB",
"url": "http://osvdb.org/45249"
}
]
}

80
2007/1xxx/CVE-2007-1599.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1599",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1599",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "wp-login.php in WordPress allows remote attackers to redirect authenticated users to other websites and potentially obtain sensitive information via the redirect_to parameter."
"lang": "eng",
"value": "wp-login.php in WordPress allows remote attackers to redirect authenticated users to other websites and potentially obtain sensitive information via the redirect_to parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070320 Advisory - Redirection Vulnerability in wp-login.php.",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/463291/100/0/threaded"
"name": "http://www.metaeye.org/advisories/40",
"refsource": "MISC",
"url": "http://www.metaeye.org/advisories/40"
},
{
"name" : "http://www.metaeye.org/advisories/40",
"refsource" : "MISC",
"url" : "http://www.metaeye.org/advisories/40"
"name": "30960",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30960"
},
{
"name" : "DSA-1601",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1601"
"name": "20070320 Advisory - Redirection Vulnerability in wp-login.php.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/463291/100/0/threaded"
},
{
"name" : "30960",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30960"
"name": "DSA-1601",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1601"
}
]
}

22
2007/1xxx/CVE-2007-1668.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1668",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1668",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2007/1xxx/CVE-2007-1981.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1981",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1981",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The safevoid_vsnprintf function in Metamod-P 1.19p29 and earlier on Windows allows remote attackers to cause a denial of service (daemon crash) via a long meta list command."
"lang": "eng",
"value": "The safevoid_vsnprintf function in Metamod-P 1.19p29 and earlier on Windows allows remote attackers to cause a denial of service (daemon crash) via a long meta list command."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://sourceforge.net/forum/forum.php?forum_id=681753",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/forum/forum.php?forum_id=681753"
"name": "ADV-2007-1247",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1247"
},
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=498782",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=498782"
"name": "24738",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24738"
},
{
"name" : "ADV-2007-1247",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1247"
"name": "http://sourceforge.net/forum/forum.php?forum_id=681753",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=681753"
},
{
"name" : "24738",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24738"
"name": "http://sourceforge.net/project/shownotes.php?release_id=498782",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=498782"
}
]
}

110
2007/1xxx/CVE-2007-1993.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1993",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1993",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the pfs_mountd.rpc RPC daemon in the Portable File System (PFS) in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to execute arbitrary code by sending \"a call to procedure 5, followed by a crafted payload to procedure 2.\""
"lang": "eng",
"value": "Buffer overflow in the pfs_mountd.rpc RPC daemon in the Portable File System (PFS) in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to execute arbitrary code by sending \"a call to procedure 5, followed by a crafted payload to procedure 2.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070412 Hewlett Packard HP-UX Remote pfs_mountd.rpc Buffer Overflow Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=512"
"name": "hpux-pfs-privilege-escalation(33567)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33567"
},
{
"name" : "HPSBUX02203",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00913684"
"name": "1017893",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017893"
},
{
"name" : "SSRT071339",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00913684"
"name": "HPSBUX02203",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00913684"
},
{
"name" : "23401",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23401"
"name": "24855",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24855"
},
{
"name" : "oval:org.mitre.oval:def:5751",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5751"
"name": "oval:org.mitre.oval:def:5751",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5751"
},
{
"name" : "ADV-2007-1343",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1343"
"name": "23401",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23401"
},
{
"name" : "1017893",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017893"
"name": "20070412 Hewlett Packard HP-UX Remote pfs_mountd.rpc Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=512"
},
{
"name" : "24855",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24855"
"name": "ADV-2007-1343",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1343"
},
{
"name" : "hpux-pfs-privilege-escalation(33567)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33567"
"name": "SSRT071339",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00913684"
}
]
}

92
2007/4xxx/CVE-2007-4359.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4359",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4359",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via (1) the search form or (2) the jobid parameter to index.php in a showbyID action."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote attackers to execute arbitrary SQL commands via (1) the search form or (2) the jobid parameter to index.php in a showbyID action."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070813 JobLister3 SQL injection vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/476282/100/0/threaded"
"name": "20070813 JobLister3 SQL injection vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/476282/100/0/threaded"
},
{
"name" : "25296",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25296"
"name": "26440",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26440"
},
{
"name" : "36416",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36416"
"name": "3013",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3013"
},
{
"name" : "26440",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26440"
"name": "36416",
"refsource": "OSVDB",
"url": "http://osvdb.org/36416"
},
{
"name" : "3013",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3013"
"name": "joblister3-index-sql-injection(36052)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36052"
},
{
"name" : "joblister3-index-sql-injection(36052)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36052"
"name": "25296",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25296"
}
]
}

146
2007/4xxx/CVE-2007-4397.json
View File

@ -1,131 +1,131 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4397",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4397",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, (3) Disrok 1.0, (4) a2x 0.0.1, (5) Another xmms-info script 1.0, (6) XChat-XMMS 0.8.1, and other unspecified scripts for XChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file."
"lang": "eng",
"value": "Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, (3) Disrok 1.0, (4) a2x 0.0.1, (5) Another xmms-info script 1.0, (6) XChat-XMMS 0.8.1, and other unspecified scripts for XChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070812 Vulnerability in multiple \"now playing\" scripts for various IRC clients",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/476283/100/0/threaded"
"name": "26485",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26485"
},
{
"name" : "20070812 Vulnerability in multiple \"now playing\" scripts for various IRC clients",
"refsource" : "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065227.html"
"name": "25281",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25281"
},
{
"name" : "http://wouter.coekaerts.be/site/security/nowplaying",
"refsource" : "MISC",
"url" : "http://wouter.coekaerts.be/site/security/nowplaying"
"name": "3036",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3036"
},
{
"name" : "25281",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25281"
"name": "26488",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26488"
},
{
"name" : "39574",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/39574"
"name": "26484",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26484"
},
{
"name" : "39575",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/39575"
"name": "26486",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26486"
},
{
"name" : "26454",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26454"
"name": "20070812 Vulnerability in multiple \"now playing\" scripts for various IRC clients",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065227.html"
},
{
"name" : "26455",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26455"
"name": "39575",
"refsource": "OSVDB",
"url": "http://osvdb.org/39575"
},
{
"name" : "26484",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26484"
"name": "26487",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26487"
},
{
"name" : "26485",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26485"
"name": "20070812 Vulnerability in multiple \"now playing\" scripts for various IRC clients",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/476283/100/0/threaded"
},
{
"name" : "26486",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26486"
"name": "irc-multiple-command-execution(35985)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35985"
},
{
"name" : "26487",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26487"
"name": "26454",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26454"
},
{
"name" : "26488",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26488"
"name": "http://wouter.coekaerts.be/site/security/nowplaying",
"refsource": "MISC",
"url": "http://wouter.coekaerts.be/site/security/nowplaying"
},
{
"name" : "3036",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3036"
"name": "26455",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26455"
},
{
"name" : "irc-multiple-command-execution(35985)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35985"
"name": "39574",
"refsource": "OSVDB",
"url": "http://osvdb.org/39574"
}
]
}

80
2007/4xxx/CVE-2007-4433.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4433",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4433",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in textfilesearch.aspx in the Text File Search ASP.NET edition allows remote attackers to inject arbitrary web script or HTML via the search field."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in textfilesearch.aspx in the Text File Search ASP.NET edition allows remote attackers to inject arbitrary web script or HTML via the search field."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.packetstormsecurity.org/0708-exploits/aspnet-xss.txt",
"refsource" : "MISC",
"url" : "http://www.packetstormsecurity.org/0708-exploits/aspnet-xss.txt"
"name": "3048",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3048"
},
{
"name" : "25349",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25349"
"name": "37734",
"refsource": "OSVDB",
"url": "http://osvdb.org/37734"
},
{
"name" : "37734",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37734"
"name": "25349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25349"
},
{
"name" : "3048",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3048"
"name": "http://www.packetstormsecurity.org/0708-exploits/aspnet-xss.txt",
"refsource": "MISC",
"url": "http://www.packetstormsecurity.org/0708-exploits/aspnet-xss.txt"
}
]
}

80
2007/4xxx/CVE-2007-4546.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4546",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4546",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unreal Commander 0.92 build 565 and 573 lists the filenames from the Central Directory of a ZIP archive, but extracts to local filenames corresponding to names in Local File Header fields in this archive, which might allow remote attackers to trick a user into performing a dangerous file overwrite or creation."
"lang": "eng",
"value": "Unreal Commander 0.92 build 565 and 573 lists the filenames from the Central Directory of a ZIP archive, but extracts to local filenames corresponding to names in Local File Header fields in this archive, which might allow remote attackers to trick a user into performing a dangerous file overwrite or creation."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070823 X-Diesel Unreal Commander v0.92 (build 573) multiple vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/477432/100/0/threaded"
"name": "45831",
"refsource": "OSVDB",
"url": "http://osvdb.org/45831"
},
{
"name" : "25419",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25419"
"name": "3060",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3060"
},
{
"name" : "45831",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/45831"
"name": "20070823 X-Diesel Unreal Commander v0.92 (build 573) multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477432/100/0/threaded"
},
{
"name" : "3060",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3060"
"name": "25419",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25419"
}
]
}

80
2007/4xxx/CVE-2007-4781.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4781",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4781",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "administrator/index.php in the installer component (com_installer) in Joomla! 1.5 Beta1, Beta2, and RC1 allows remote authenticated administrators to upload arbitrary files to tmp/ via the \"Upload Package File\" functionality, which is accessible when com_installer is the value of the option parameter."
"lang": "eng",
"value": "administrator/index.php in the installer component (com_installer) in Joomla! 1.5 Beta1, Beta2, and RC1 allows remote authenticated administrators to upload arbitrary files to tmp/ via the \"Upload Package File\" functionality, which is accessible when com_installer is the value of the option parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4350",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4350"
"name": "25508",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25508"
},
{
"name" : "25508",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25508"
"name": "45888",
"refsource": "OSVDB",
"url": "http://osvdb.org/45888"
},
{
"name" : "45888",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/45888"
"name": "4350",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4350"
},
{
"name" : "joomla-admin-index-file-upload(36424)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36424"
"name": "joomla-admin-index-file-upload(36424)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36424"
}
]
}

22
2015/2xxx/CVE-2015-2226.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2226",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2226",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2015/2xxx/CVE-2015-2662.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2662",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-2662",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to DHCP Server."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to DHCP Server."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name" : "75886",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75886"
"name": "1032914",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032914"
},
{
"name" : "1032914",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032914"
"name": "75886",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75886"
}
]
}

68
2015/2xxx/CVE-2015-2866.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2866",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-2866",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability on the Grandstream GXV3611_HD camera with firmware before 1.0.3.9 beta allows remote attackers to execute arbitrary SQL commands by attempting to establish a TELNET session with a crafted username."
"lang": "eng",
"value": "SQL injection vulnerability on the Grandstream GXV3611_HD camera with firmware before 1.0.3.9 beta allows remote attackers to execute arbitrary SQL commands by attempting to establish a TELNET session with a crafted username."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "40441",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/40441/"
"name": "40441",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40441/"
},
{
"name" : "VU#253708",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/253708"
"name": "VU#253708",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/253708"
}
]
}

122
2015/3xxx/CVE-2015-3307.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3307",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3307",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive."
"lang": "eng",
"value": "The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugs.php.net/bug.php?id=69443",
"refsource" : "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=69443"
"name": "RHSA-2015:1187",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1223441",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1223441"
"name": "RHSA-2015:1186",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
},
{
"name" : "https://support.apple.com/kb/HT205031",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/kb/HT205031"
"name": "74703",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74703"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1223441",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223441"
},
{
"name" : "APPLE-SA-2015-08-13-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"name" : "RHSA-2015:1187",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
"name": "https://bugs.php.net/bug.php?id=69443",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=69443"
},
{
"name" : "RHSA-2015:1135",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name" : "RHSA-2015:1186",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
"name": "RHSA-2015:1135",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"name" : "RHSA-2015:1066",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1066.html"
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name" : "RHSA-2015:1218",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
"name": "RHSA-2015:1066",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html"
},
{
"name" : "74703",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74703"
"name": "RHSA-2015:1218",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
}
]
}

80
2015/3xxx/CVE-2015-3634.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3634",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3634",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function in the Slideshow plugin 2.2.8 through 2.2.21 for Wordpress allows remote attackers to read arbitrary Wordpress option values."
"lang": "eng",
"value": "The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function in the Slideshow plugin 2.2.8 through 2.2.21 for Wordpress allows remote attackers to read arbitrary Wordpress option values."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150502 Re: CVE request / Advisory: Slideshow (Wordpress plugin) - Wordpress option value disclosure",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/05/02/12"
"name": "74453",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74453"
},
{
"name" : "https://github.com/Boonstra/Slideshow/commit/cac505e593cbe70a4d8af5b639f5385d4cc7aa04",
"refsource" : "CONFIRM",
"url" : "https://github.com/Boonstra/Slideshow/commit/cac505e593cbe70a4d8af5b639f5385d4cc7aa04"
"name": "https://wordpress.org/plugins/slideshow-jquery-image-gallery/#developers",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/slideshow-jquery-image-gallery/#developers"
},
{
"name" : "https://wordpress.org/plugins/slideshow-jquery-image-gallery/#developers",
"refsource" : "CONFIRM",
"url" : "https://wordpress.org/plugins/slideshow-jquery-image-gallery/#developers"
"name": "[oss-security] 20150502 Re: CVE request / Advisory: Slideshow (Wordpress plugin) - Wordpress option value disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/02/12"
},
{
"name" : "74453",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74453"
"name": "https://github.com/Boonstra/Slideshow/commit/cac505e593cbe70a4d8af5b639f5385d4cc7aa04",
"refsource": "CONFIRM",
"url": "https://github.com/Boonstra/Slideshow/commit/cac505e593cbe70a4d8af5b639f5385d4cc7aa04"
}
]
}

86
2015/6xxx/CVE-2015-6159.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6159",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-6159",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6140, CVE-2015-6142, CVE-2015-6143, CVE-2015-6153, CVE-2015-6158, and CVE-2015-6160."
"lang": "eng",
"value": "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6140, CVE-2015-6142, CVE-2015-6143, CVE-2015-6153, CVE-2015-6158, and CVE-2015-6160."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-645",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-645"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-645",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-645"
},
{
"name" : "MS15-124",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124"
"name": "1034315",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034315"
},
{
"name" : "MS15-125",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-125"
"name": "MS15-124",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124"
},
{
"name" : "1034315",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034315"
"name": "MS15-125",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-125"
},
{
"name" : "1034316",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034316"
"name": "1034316",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034316"
}
]
}

68
2015/6xxx/CVE-2015-6271.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6271",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6271",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco IOS XE 2.1.0 through 2.4.3 and 2.5.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted SIP packet, aka Bug IDs CSCta74749 and CSCta77008."
"lang": "eng",
"value": "Cisco IOS XE 2.1.0 through 2.4.3 and 2.5.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted SIP packet, aka Bug IDs CSCta74749 and CSCta77008."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150827 Cisco ASR 1000 Series Aggregation Services Routers Crafted SIP Packet Denial of Service Vulnerabilities",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40688"
"name": "1033410",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033410"
},
{
"name" : "1033410",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033410"
"name": "20150827 Cisco ASR 1000 Series Aggregation Services Routers Crafted SIP Packet Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40688"
}
]
}

80
2015/6xxx/CVE-2015-6418.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6418",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6418",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224."
"lang": "eng",
"value": "The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20151210 Cisco Small Business RV Series and SA500 Series Dual WAN VPN Router Generated Key Pair Information Disclosure Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr"
"name": "20151210 Cisco Small Business RV Series and SA500 Series Dual WAN VPN Router Generated Key Pair Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr"
},
{
"name" : "78876",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/78876"
"name": "1034408",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034408"
},
{
"name" : "1034409",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034409"
"name": "1034409",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034409"
},
{
"name" : "1034408",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034408"
"name": "78876",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78876"
}
]
}

22
2015/6xxx/CVE-2015-6922.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6922",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6922",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2015/7xxx/CVE-2015-7142.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7142",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-7142",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}

104
2015/7xxx/CVE-2015-7661.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7661",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-7661",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted getBounds call, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046."
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted getBounds call, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-564",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-564"
"name": "1034111",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034111"
},
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-28.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-28.html"
"name": "RHSA-2015:2024",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2024.html"
},
{
"name" : "GLSA-201511-02",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201511-02"
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-28.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-28.html"
},
{
"name" : "RHSA-2015:2023",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2023.html"
"name": "openSUSE-SU-2015:1984",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00071.html"
},
{
"name" : "RHSA-2015:2024",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2024.html"
"name": "GLSA-201511-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201511-02"
},
{
"name" : "openSUSE-SU-2015:1984",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-11/msg00071.html"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-564",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-564"
},
{
"name" : "77533",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/77533"
"name": "77533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77533"
},
{
"name" : "1034111",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034111"
"name": "RHSA-2015:2023",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2023.html"
}
]
}

22
2015/7xxx/CVE-2015-7810.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7810",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7810",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2016/0xxx/CVE-2016-0082.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0082",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-0082",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

74
2016/0xxx/CVE-2016-0184.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0184",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-0184",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka \"Direct3D Use After Free Vulnerability.\""
"lang": "eng",
"value": "Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka \"Direct3D Use After Free Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS16-055",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-055"
"name": "89892",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89892"
},
{
"name" : "89892",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/89892"
"name": "1035823",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035823"
},
{
"name" : "1035823",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035823"
"name": "MS16-055",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-055"
}
]
}

68
2016/0xxx/CVE-2016-0269.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-0269",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0269",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 9.x before 9.1.8 and 9.2.x before 9.2.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 9.x before 9.1.8 and 9.2.x before 9.2.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985734",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985734"
"name": "91690",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91690"
},
{
"name" : "91690",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91690"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21985734",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985734"
}
]
}

68
2016/0xxx/CVE-2016-0461.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0461",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-0461",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect availability via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect availability via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
"name": "1034709",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034709"
},
{
"name" : "1034709",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034709"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
}
]
}

68
2016/0xxx/CVE-2016-0920.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security_alert@emc.com",
"ID" : "CVE-2016-0920",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2016-0920",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root access via a crafted parameter to a command that is available in the sudo configuration."
"lang": "eng",
"value": "Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root access via a crafted parameter to a command that is available in the sudo configuration."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20160919 ESA-2016-065: EMC Avamar Data Store and Avamar Virtual Edition Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://seclists.org/bugtraq/2016/Sep/31"
"name": "20160919 ESA-2016-065: EMC Avamar Data Store and Avamar Virtual Edition Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2016/Sep/31"
},
{
"name" : "1036844",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036844"
"name": "1036844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036844"
}
]
}

74
2016/1000xxx/CVE-2016-1000137.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1000137",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1000137",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Reflected XSS in wordpress plugin hero-maps-pro v2.1.0"
"lang": "eng",
"value": "Reflected XSS in wordpress plugin hero-maps-pro v2.1.0"
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.vapidlabs.com/wp/wp_advisory.php?v=658",
"refsource" : "MISC",
"url" : "http://www.vapidlabs.com/wp/wp_advisory.php?v=658"
"name": "93815",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93815"
},
{
"name" : "https://wordpress.org/plugins/hero-maps-pro",
"refsource" : "MISC",
"url" : "https://wordpress.org/plugins/hero-maps-pro"
"name": "https://wordpress.org/plugins/hero-maps-pro",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/hero-maps-pro"
},
{
"name" : "93815",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93815"
"name": "http://www.vapidlabs.com/wp/wp_advisory.php?v=658",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/wp/wp_advisory.php?v=658"
}
]
}

22
2016/1000xxx/CVE-2016-1000179.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1000179",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1000179",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2016/1xxx/CVE-2016-1198.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1198",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-1198",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Photopt for Android before 2.0.1 does not verify SSL certificates."
"lang": "eng",
"value": "Photopt for Android before 2.0.1 does not verify SSL certificates."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://mypocket.ntt.com/photopt/info/info_001.html",
"refsource" : "CONFIRM",
"url" : "https://mypocket.ntt.com/photopt/info/info_001.html"
"name": "JVNDB-2016-000050",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000050.html"
},
{
"name" : "JVN#11815655",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN11815655/index.html"
"name": "JVN#11815655",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN11815655/index.html"
},
{
"name" : "JVNDB-2016-000050",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000050.html"
"name": "https://mypocket.ntt.com/photopt/info/info_001.html",
"refsource": "CONFIRM",
"url": "https://mypocket.ntt.com/photopt/info/info_001.html"
}
]
}

68
2016/1xxx/CVE-2016-1293.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1293",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1293",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Management Center in Cisco FireSIGHT System Software 6.0.0 and 6.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCux40414."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Management Center in Cisco FireSIGHT System Software 6.0.0 and 6.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCux40414."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20160115 Cisco FireSIGHT Management Center Stored Cross-Site Scripting Vulnerabilities",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-FireSIGHT"
"name": "1034689",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034689"
},
{
"name" : "1034689",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034689"
"name": "20160115 Cisco FireSIGHT Management Center Stored Cross-Site Scripting Vulnerabilities",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-FireSIGHT"
}
]
}

98
2016/4xxx/CVE-2016-4150.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4150",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4150",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083."
"lang": "eng",
"value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html"
"name": "1036117",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036117"
},
{
"name" : "MS16-083",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083"
"name": "MS16-083",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083"
},
{
"name" : "RHSA-2016:1238",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:1238"
"name": "openSUSE-SU-2016:1625",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html"
},
{
"name" : "SUSE-SU-2016:1613",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html"
"name": "RHSA-2016:1238",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1238"
},
{
"name" : "openSUSE-SU-2016:1621",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html"
"name": "openSUSE-SU-2016:1621",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html"
},
{
"name" : "openSUSE-SU-2016:1625",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html"
"name": "SUSE-SU-2016:1613",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html"
},
{
"name" : "1036117",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036117"
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html"
}
]
}

74
2016/4xxx/CVE-2016-4252.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4252",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4252",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, and CVE-2016-4254."
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, and CVE-2016-4254."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name" : "91716",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91716"
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name" : "1036281",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036281"
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}

74
2016/4xxx/CVE-2016-4267.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4267",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4267",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270."
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-490",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-490"
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-490",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-490"
},
{
"name" : "92637",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92637"
"name": "92637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92637"
}
]
}

74
2016/4xxx/CVE-2016-4535.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4535",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4535",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted packed executable."
"lang": "eng",
"value": "Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted packed executable."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "39770",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/39770/"
"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=817",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=817"
},
{
"name" : "http://packetstormsecurity.com/files/136907/McAfee-Relocation-Processing-Memory-Corruption.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/136907/McAfee-Relocation-Processing-Memory-Corruption.html"
"name": "http://packetstormsecurity.com/files/136907/McAfee-Relocation-Processing-Memory-Corruption.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/136907/McAfee-Relocation-Processing-Memory-Corruption.html"
},
{
"name" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=817",
"refsource" : "MISC",
"url" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=817"
"name": "39770",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39770/"
}
]
}

74
2016/4xxx/CVE-2016-4825.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4825",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4825",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted serialized data."
"lang": "eng",
"value": "The Collne Welcart e-Commerce plugin before 1.8.3 for WordPress allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted serialized data."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.welcart.com/community/archives/78977",
"refsource" : "CONFIRM",
"url" : "http://www.welcart.com/community/archives/78977"
"name": "JVNDB-2016-000115",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000115"
},
{
"name" : "JVN#47363774",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN47363774/index.html"
"name": "http://www.welcart.com/community/archives/78977",
"refsource": "CONFIRM",
"url": "http://www.welcart.com/community/archives/78977"
},
{
"name" : "JVNDB-2016-000115",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000115"
"name": "JVN#47363774",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN47363774/index.html"
}
]
}

154
2019/0xxx/CVE-2019-0011.json
View File

@ -1,132 +1,132 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2019-01-09T17:00:00.000Z",
"ID" : "CVE-2019-0011",
"STATE" : "PUBLIC",
"TITLE" : "Junos OS: Kernel crash after processing specific incoming packet to the out of band management interface (CVE-2019-0011)"
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-01-09T17:00:00.000Z",
"ID": "CVE-2019-0011",
"STATE": "PUBLIC",
"TITLE": "Junos OS: Kernel crash after processing specific incoming packet to the out of band management interface (CVE-2019-0011)"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Junos OS",
"version" : {
"version_data" : [
"product_name": "Junos OS",
"version": {
"version_data": [
{
"affected" : "<",
"version_name" : "17.2",
"version_value" : "17.2R1-S7, 17.2R3"
"affected": "<",
"version_name": "17.2",
"version_value": "17.2R1-S7, 17.2R3"
},
{
"affected" : "<",
"version_name" : "17.3",
"version_value" : "17.3R3-S3"
"affected": "<",
"version_name": "17.3",
"version_value": "17.3R3-S3"
},
{
"affected" : "<",
"version_name" : "17.4",
"version_value" : "17.4R1-S4, 17.4R2"
"affected": "<",
"version_name": "17.4",
"version_value": "17.4R1-S4, 17.4R2"
},
{
"affected" : "<",
"version_name" : "17.2X75",
"version_value" : "17.2X75-D110"
"affected": "<",
"version_name": "17.2X75",
"version_value": "17.2X75-D110"
},
{
"affected" : "<",
"version_name" : "18.1",
"version_value" : "18.1R2"
"affected": "<",
"version_name": "18.1",
"version_value": "18.1R2"
}
]
}
}
]
},
"vendor_name" : "Juniper Networks"
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Junos OS kernel crashes after processing a specific incoming packet to the out of band management interface (such as fxp0, me0, em0, vme0) destined for another address. By continuously sending this type of packet, an attacker can repeatedly crash the kernel causing a sustained Denial of Service. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R3; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S4, 17.4R2; 17.2X75 versions prior to 17.2X75-D110; 18.1 versions prior to 18.1R2."
"lang": "eng",
"value": "The Junos OS kernel crashes after processing a specific incoming packet to the out of band management interface (such as fxp0, me0, em0, vme0) destined for another address. By continuously sending this type of packet, an attacker can repeatedly crash the kernel causing a sustained Denial of Service. Affected releases are Juniper Networks Junos OS: 17.2 versions prior to 17.2R1-S7, 17.2R3; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R1-S4, 17.4R2; 17.2X75 versions prior to 17.2X75-D110; 18.1 versions prior to 18.1R2."
}
]
},
"exploit" : [
"exploit": [
{
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "ADJACENT_NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version" : "3.0"
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "DoS"
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://kb.juniper.net/JSA10911",
"refsource" : "CONFIRM",
"url" : "https://kb.juniper.net/JSA10911"
"name": "https://kb.juniper.net/JSA10911",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10911"
},
{
"name" : "106534",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106534"
"name": "106534",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106534"
}
]
},
"solution" : [
"solution": [
{
"lang" : "eng",
"value" : "The following software releases have been updated to resolve this specific issue: Junos OS 17.2R1-S7, 17.2R3, 17.2X75-D110, 17.3R3-S3, 17.4R1-S4, 17.4R2, 18.1R2, 18.2R1, 18.2X75-D5, and all subsequent releases."
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 17.2R1-S7, 17.2R3, 17.2X75-D110, 17.3R3-S3, 17.4R1-S4, 17.4R2, 18.1R2, 18.2R1, 18.2X75-D5, and all subsequent releases."
}
],
"source" : {
"advisory" : "JSA10911",
"defect" : [
"source": {
"advisory": "JSA10911",
"defect": [
"1318556"
],
"discovery" : "USER"
"discovery": "USER"
},
"work_around" : [
"work_around": [
{
"lang" : "eng",
"value" : "Apply a firewall filter on the management interface which permits only the necessary traffic on management interface to the device's local address, such as SNMP, SSH, or other management traffic and drops everything else.\n"
"lang": "eng",
"value": "Apply a firewall filter on the management interface which permits only the necessary traffic on management interface to the device's local address, such as SNMP, SSH, or other management traffic and drops everything else.\n"
}
]
}

152
2019/0xxx/CVE-2019-0585.json
View File

@ -1,178 +1,178 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "Secure@Microsoft.com",
"ID" : "CVE-2019-0585",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0585",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Word",
"version" : {
"version_data" : [
"product_name": "Word",
"version": {
"version_data": [
{
"version_value" : "Automation Services on Microsoft SharePoint Server 2010 Service Pack 2"
"version_value": "Automation Services on Microsoft SharePoint Server 2010 Service Pack 2"
}
]
}
},
{
"product_name" : "Microsoft Office",
"version" : {
"version_data" : [
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value" : "2010 Service Pack 2 (32-bit editions)"
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value" : "2010 Service Pack 2 (64-bit editions)"
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value" : "2016 for Mac"
"version_value": "2016 for Mac"
},
{
"version_value" : "2019 for 32-bit editions"
"version_value": "2019 for 32-bit editions"
},
{
"version_value" : "2019 for 64-bit editions"
"version_value": "2019 for 64-bit editions"
},
{
"version_value" : "2019 for Mac"
"version_value": "2019 for Mac"
},
{
"version_value" : "Web Apps Server 2010 Service Pack 2"
"version_value": "Web Apps Server 2010 Service Pack 2"
}
]
}
},
{
"product_name" : "Microsoft Office Word Viewer",
"version" : {
"version_data" : [
"product_name": "Microsoft Office Word Viewer",
"version": {
"version_data": [
{
"version_value" : "Microsoft Office Word Viewer"
"version_value": "Microsoft Office Word Viewer"
}
]
}
},
{
"product_name" : "Microsoft SharePoint",
"version" : {
"version_data" : [
"product_name": "Microsoft SharePoint",
"version": {
"version_data": [
{
"version_value" : "Enterprise Server 2013 Service Pack 1"
"version_value": "Enterprise Server 2013 Service Pack 1"
},
{
"version_value" : "Enterprise Server 2016"
"version_value": "Enterprise Server 2016"
}
]
}
},
{
"product_name" : "Office",
"version" : {
"version_data" : [
"product_name": "Office",
"version": {
"version_data": [
{
"version_value" : "365 ProPlus for 32-bit Systems"
"version_value": "365 ProPlus for 32-bit Systems"
},
{
"version_value" : "365 ProPlus for 64-bit Systems"
"version_value": "365 ProPlus for 64-bit Systems"
}
]
}
},
{
"product_name" : "Microsoft Office Online Server",
"version" : {
"version_data" : [
"product_name": "Microsoft Office Online Server",
"version": {
"version_data": [
{
"version_value" : "Microsoft Office Online Server"
"version_value": "Microsoft Office Online Server"
}
]
}
},
{
"product_name" : "Microsoft Word",
"version" : {
"version_data" : [
"product_name": "Microsoft Word",
"version": {
"version_data": [
{
"version_value" : "2010 Service Pack 2 (32-bit editions)"
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value" : "2010 Service Pack 2 (64-bit editions)"
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value" : "2013 RT Service Pack 1"
"version_value": "2013 RT Service Pack 1"
},
{
"version_value" : "2013 Service Pack 1 (32-bit editions)"
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value" : "2013 Service Pack 1 (64-bit editions)"
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value" : "2016 (32-bit edition)"
"version_value": "2016 (32-bit edition)"
},
{
"version_value" : "2016 (64-bit edition)"
"version_value": "2016 (64-bit edition)"
}
]
}
},
{
"product_name" : "Microsoft SharePoint Server",
"version" : {
"version_data" : [
"product_name": "Microsoft SharePoint Server",
"version": {
"version_data": [
{
"version_value" : "2019"
"version_value": "2019"
}
]
}
}
]
},
"vendor_name" : "Microsoft"
"vendor_name": "Microsoft"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka \"Microsoft Word Remote Code Execution Vulnerability.\" This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word, Microsoft SharePoint Server."
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka \"Microsoft Word Remote Code Execution Vulnerability.\" This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word, Microsoft SharePoint Server."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Remote Code Execution"
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0585",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0585"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0585",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0585"
},
{
"name" : "106392",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106392"
"name": "106392",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106392"
}
]
}

22
2019/0xxx/CVE-2019-0665.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0665",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0665",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3028.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3028",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3028",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3106.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3106",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3106",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3702.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3702",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3702",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3821.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3821",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3821",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4199.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4199",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4199",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4447.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4447",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4447",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4486.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4486",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4486",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4949.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4949",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4949",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7072.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7072",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7072",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2019/7xxx/CVE-2019-7169.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7169",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7169",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/menus/menus/edit/3."
"lang": "eng",
"value": "A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/menus/menus/edit/3."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/croogo/croogo/issues/888",
"refsource" : "MISC",
"url" : "https://github.com/croogo/croogo/issues/888"
"name": "https://github.com/croogo/croogo/issues/888",
"refsource": "MISC",
"url": "https://github.com/croogo/croogo/issues/888"
}
]
}

22
2019/7xxx/CVE-2019-7266.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7266",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7266",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7384.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7384",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7384",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8283.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8283",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8283",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2019/8xxx/CVE-2019-8361.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8361",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8361",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP Scripts Mall Responsive Video News Script has XSS via the Search Bar. This might, for example, be leveraged for HTML injection or URL redirection."
"lang": "eng",
"value": "PHP Scripts Mall Responsive Video News Script has XSS via the Search Bar. This might, for example, be leveraged for HTML injection or URL redirection."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://hackingvila.wordpress.com/2019/02/16/url-redirection-through-html-injection-in-responsive-video-news-script-php-script-mall/",
"refsource" : "MISC",
"url" : "https://hackingvila.wordpress.com/2019/02/16/url-redirection-through-html-injection-in-responsive-video-news-script-php-script-mall/"
"name": "https://hackingvila.wordpress.com/2019/02/16/url-redirection-through-html-injection-in-responsive-video-news-script-php-script-mall/",
"refsource": "MISC",
"url": "https://hackingvila.wordpress.com/2019/02/16/url-redirection-through-html-injection-in-responsive-video-news-script-php-script-mall/"
},
{
"name" : "https://hackingvila.wordpress.com/2019/02/16/xss-vulnerability-in-responsive-video-news-script-php-script-mall/",
"refsource" : "MISC",
"url" : "https://hackingvila.wordpress.com/2019/02/16/xss-vulnerability-in-responsive-video-news-script-php-script-mall/"
"name": "https://hackingvila.wordpress.com/2019/02/16/xss-vulnerability-in-responsive-video-news-script-php-script-mall/",
"refsource": "MISC",
"url": "https://hackingvila.wordpress.com/2019/02/16/xss-vulnerability-in-responsive-video-news-script-php-script-mall/"
}
]
}

22
2019/8xxx/CVE-2019-8564.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8564",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8564",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8687.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8687",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8687",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/9xxx/CVE-2019-9093.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9093",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9093",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/9xxx/CVE-2019-9296.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9296",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9296",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/9xxx/CVE-2019-9488.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9488",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9488",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/9xxx/CVE-2019-9496.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9496",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9496",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}