admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:30:24 +00:00
parent 0d83dde74f
commit c96a28f9eb
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
57 changed files with 3749 additions and 3749 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
2006/5xxx/CVE-2006-5078.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5078", "ID": "CVE-2006-5078",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PHP remote file inclusion vulnerability in view/general.php in Kristian Niemi Polaring 00.04.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[dirMain] parameter." "value": "PHP remote file inclusion vulnerability in view/general.php in Kristian Niemi Polaring 00.04.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[dirMain] parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://sourceforge.net/forum/forum.php?forum_id=620481", "name": "polaring-general-file-include(29138)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://sourceforge.net/forum/forum.php?forum_id=620481" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29138"
}, },
{ {
"name" : "2427", "name": "http://sourceforge.net/forum/forum.php?forum_id=620481",
"refsource" : "EXPLOIT-DB", "refsource": "CONFIRM",
"url" : "https://www.exploit-db.com/exploits/2427" "url": "http://sourceforge.net/forum/forum.php?forum_id=620481"
}, },
{ {
"name" : "20183", "name": "20183",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/20183" "url": "http://www.securityfocus.com/bid/20183"
}, },
{ {
"name" : "polaring-general-file-include(29138)", "name": "2427",
"refsource" : "XF", "refsource": "EXPLOIT-DB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29138" "url": "https://www.exploit-db.com/exploits/2427"
} }
] ]
} }

98
2006/5xxx/CVE-2006-5736.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5736", "ID": "CVE-2006-5736",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in search.php in PunBB before 1.2.14, when the PHP installation is vulnerable to CVE-2006-3017, allows remote attackers to execute arbitrary SQL commands via the result_list array parameter, which is not initialized." "value": "SQL injection vulnerability in search.php in PunBB before 1.2.14, when the PHP installation is vulnerable to CVE-2006-3017, allows remote attackers to execute arbitrary SQL commands via the result_list array parameter, which is not initialized."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20061030 Punbb <= 1.2.13 Multiple Vulnerabilities", "name": "1017131",
"refsource" : "BUGTRAQ", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/archive/1/450055/100/0/threaded" "url": "http://securitytracker.com/id?1017131"
}, },
{ {
"name" : "http://www.wargan.org/index.php/2006/10/29/4-punbb-1213-multiple-vulnerabilities", "name": "1824",
"refsource" : "MISC", "refsource": "SREASON",
"url" : "http://www.wargan.org/index.php/2006/10/29/4-punbb-1213-multiple-vulnerabilities" "url": "http://securityreason.com/securityalert/1824"
}, },
{ {
"name" : "http://www.punbb.org/changelogs/1.2.13_to_1.2.14.txt", "name": "20061030 Punbb <= 1.2.13 Multiple Vulnerabilities",
"refsource" : "CONFIRM", "refsource": "BUGTRAQ",
"url" : "http://www.punbb.org/changelogs/1.2.13_to_1.2.14.txt" "url": "http://www.securityfocus.com/archive/1/450055/100/0/threaded"
}, },
{ {
"name" : "ADV-2006-4256", "name": "ADV-2006-4256",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4256" "url": "http://www.vupen.com/english/advisories/2006/4256"
}, },
{ {
"name" : "30133", "name": "http://www.wargan.org/index.php/2006/10/29/4-punbb-1213-multiple-vulnerabilities",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://www.osvdb.org/30133" "url": "http://www.wargan.org/index.php/2006/10/29/4-punbb-1213-multiple-vulnerabilities"
}, },
{ {
"name" : "1017131", "name": "30133",
"refsource" : "SECTRACK", "refsource": "OSVDB",
"url" : "http://securitytracker.com/id?1017131" "url": "http://www.osvdb.org/30133"
}, },
{ {
"name" : "1824", "name": "http://www.punbb.org/changelogs/1.2.13_to_1.2.14.txt",
"refsource" : "SREASON", "refsource": "CONFIRM",
"url" : "http://securityreason.com/securityalert/1824" "url": "http://www.punbb.org/changelogs/1.2.13_to_1.2.14.txt"
} }
] ]
} }

98
2007/2xxx/CVE-2007-2093.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2093", "ID": "CVE-2007-2093",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) 1.0 allows remote attackers to inject arbitrary PHP code into posts.txt via the message parameter." "value": "Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) 1.0 allows remote attackers to inject arbitrary PHP code into posts.txt via the message parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070415 LS simple guestbook - arbitrary code execution", "name": "23503",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/465864/100/0/threaded" "url": "http://www.securityfocus.com/bid/23503"
}, },
{ {
"name" : "3735", "name": "3735",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3735" "url": "https://www.exploit-db.com/exploits/3735"
}, },
{ {
"name" : "23503", "name": "ADV-2007-1393",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/23503" "url": "http://www.vupen.com/english/advisories/2007/1393"
}, },
{ {
"name" : "ADV-2007-1393", "name": "2590",
"refsource" : "VUPEN", "refsource": "SREASON",
"url" : "http://www.vupen.com/english/advisories/2007/1393" "url": "http://securityreason.com/securityalert/2590"
}, },
{ {
"name" : "24904", "name": "24904",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/24904" "url": "http://secunia.com/advisories/24904"
}, },
{ {
"name" : "2590", "name": "lsguestbook-index-code-execution(33666)",
"refsource" : "SREASON", "refsource": "XF",
"url" : "http://securityreason.com/securityalert/2590" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33666"
}, },
{ {
"name" : "lsguestbook-index-code-execution(33666)", "name": "20070415 LS simple guestbook - arbitrary code execution",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33666" "url": "http://www.securityfocus.com/archive/1/465864/100/0/threaded"
} }
] ]
} }

80
2007/2xxx/CVE-2007-2303.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2303", "ID": "CVE-2007-2303",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in includes/footer.php in News Manager Deluxe (NMDeluxe) 1.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter." "value": "Directory traversal vulnerability in includes/footer.php in News Manager Deluxe (NMDeluxe) 1.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "3742", "name": "34997",
"refsource" : "EXPLOIT-DB", "refsource": "OSVDB",
"url" : "https://www.exploit-db.com/exploits/3742" "url": "http://osvdb.org/34997"
}, },
{ {
"name" : "ADV-2007-1395", "name": "24896",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2007/1395" "url": "http://secunia.com/advisories/24896"
}, },
{ {
"name" : "34997", "name": "3742",
"refsource" : "OSVDB", "refsource": "EXPLOIT-DB",
"url" : "http://osvdb.org/34997" "url": "https://www.exploit-db.com/exploits/3742"
}, },
{ {
"name" : "24896", "name": "ADV-2007-1395",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/24896" "url": "http://www.vupen.com/english/advisories/2007/1395"
} }
] ]
} }

74
2007/2xxx/CVE-2007-2681.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2681", "ID": "CVE-2007-2681",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in blogs/index.php in b2evolution 1.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the core_subdir parameter." "value": "Directory traversal vulnerability in blogs/index.php in b2evolution 1.6 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the core_subdir parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070414 B2evolution 1.6 RFi", "name": "b2evolution-index-file-include(33687)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/465733/100/0/threaded" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33687"
}, },
{ {
"name" : "2697", "name": "2697",
"refsource" : "SREASON", "refsource": "SREASON",
"url" : "http://securityreason.com/securityalert/2697" "url": "http://securityreason.com/securityalert/2697"
}, },
{ {
"name" : "b2evolution-index-file-include(33687)", "name": "20070414 B2evolution 1.6 RFi",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33687" "url": "http://www.securityfocus.com/archive/1/465733/100/0/threaded"
} }
] ]
} }

80
2007/2xxx/CVE-2007-2759.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2759", "ID": "CVE-2007-2759",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in the insert function in the ValuePreference class (grid/ed/ValuePreference.java) in Adempiere before 3.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) m_Attribute or (2) m_Value parameter. NOTE: some of these details are obtained from third party information." "value": "Multiple SQL injection vulnerabilities in the insert function in the ValuePreference class (grid/ed/ValuePreference.java) in Adempiere before 3.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) m_Attribute or (2) m_Value parameter. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.adempiere.com/wiki/index.php/Release_316", "name": "http://www.adempiere.com/wiki/index.php/Release_316",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.adempiere.com/wiki/index.php/Release_316" "url": "http://www.adempiere.com/wiki/index.php/Release_316"
}, },
{ {
"name" : "ADV-2007-1842", "name": "37956",
"refsource" : "VUPEN", "refsource": "OSVDB",
"url" : "http://www.vupen.com/english/advisories/2007/1842" "url": "http://osvdb.org/37956"
}, },
{ {
"name" : "37956", "name": "adempiere-insert-sql-injection(34325)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://osvdb.org/37956" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34325"
}, },
{ {
"name" : "adempiere-insert-sql-injection(34325)", "name": "ADV-2007-1842",
"refsource" : "XF", "refsource": "VUPEN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34325" "url": "http://www.vupen.com/english/advisories/2007/1842"
} }
] ]
} }

86
2007/2xxx/CVE-2007-2776.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2776", "ID": "CVE-2007-2776",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "AlstraSoft Template Seller Pro 3.25 and earlier sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to inject a credential variable setting and obtain administrative access via a direct request to admin/changeinfo.php." "value": "AlstraSoft Template Seller Pro 3.25 and earlier sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to inject a credential variable setting and obtain administrative access via a direct request to admin/changeinfo.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "3958", "name": "24068",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/3958" "url": "http://www.securityfocus.com/bid/24068"
}, },
{ {
"name" : "http://itablackhawk.altervista.org/exploit/alsoft_exploit_pack", "name": "40422",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://itablackhawk.altervista.org/exploit/alsoft_exploit_pack" "url": "http://osvdb.org/40422"
}, },
{ {
"name" : "24068", "name": "alstrasoft-template-changeinfo-unauth-access(34396)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/24068" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34396"
}, },
{ {
"name" : "40422", "name": "3958",
"refsource" : "OSVDB", "refsource": "EXPLOIT-DB",
"url" : "http://osvdb.org/40422" "url": "https://www.exploit-db.com/exploits/3958"
}, },
{ {
"name" : "alstrasoft-template-changeinfo-unauth-access(34396)", "name": "http://itablackhawk.altervista.org/exploit/alsoft_exploit_pack",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34396" "url": "http://itablackhawk.altervista.org/exploit/alsoft_exploit_pack"
} }
] ]
} }

116
2007/3xxx/CVE-2007-3132.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3132", "ID": "CVE-2007-3132",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp." "value": "Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070605 Symantec Ghost Multiple Denial of Service Vulnerabilities", "name": "symantec-ghost-udp-dos(34745)",
"refsource" : "IDEFENSE", "refsource": "XF",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=540" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34745"
}, },
{ {
"name" : "20070606 iDefense Security Advisory 06.05.07: Symantec Ghost Multiple Denial of Service Vulnerabilities", "name": "24323",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/470644/100/0/threaded" "url": "http://www.securityfocus.com/bid/24323"
}, },
{ {
"name" : "http://www.symantec.com/avcenter/security/Content/2007.06.05b.html", "name": "20070605 Symantec Ghost Multiple Denial of Service Vulnerabilities",
"refsource" : "CONFIRM", "refsource": "IDEFENSE",
"url" : "http://www.symantec.com/avcenter/security/Content/2007.06.05b.html" "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=540"
}, },
{ {
"name" : "24323", "name": "20070606 iDefense Security Advisory 06.05.07: Symantec Ghost Multiple Denial of Service Vulnerabilities",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/24323" "url": "http://www.securityfocus.com/archive/1/470644/100/0/threaded"
}, },
{ {
"name" : "ADV-2007-2075", "name": "1018200",
"refsource" : "VUPEN", "refsource": "SECTRACK",
"url" : "http://www.vupen.com/english/advisories/2007/2075" "url": "http://www.securitytracker.com/id?1018200"
}, },
{ {
"name" : "36106", "name": "ADV-2007-2075",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://osvdb.org/36106" "url": "http://www.vupen.com/english/advisories/2007/2075"
}, },
{ {
"name" : "1018200", "name": "2805",
"refsource" : "SECTRACK", "refsource": "SREASON",
"url" : "http://www.securitytracker.com/id?1018200" "url": "http://securityreason.com/securityalert/2805"
}, },
{ {
"name" : "25539", "name": "25539",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/25539" "url": "http://secunia.com/advisories/25539"
}, },
{ {
"name" : "2805", "name": "36106",
"refsource" : "SREASON", "refsource": "OSVDB",
"url" : "http://securityreason.com/securityalert/2805" "url": "http://osvdb.org/36106"
}, },
{ {
"name" : "symantec-ghost-udp-dos(34745)", "name": "http://www.symantec.com/avcenter/security/Content/2007.06.05b.html",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34745" "url": "http://www.symantec.com/avcenter/security/Content/2007.06.05b.html"
} }
] ]
} }

86
2007/3xxx/CVE-2007-3246.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3246", "ID": "CVE-2007-3246",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The do_set_password function in modules/chanserv/set.c in IRC Services before 5.0.60 preserves channel founder privileges across a channel password change (ChanServ SET PASSWORD), which allows remote authenticated users to obtain the new password through automated e-mail, or perform privileged actions without knowing the new password." "value": "The do_set_password function in modules/chanserv/set.c in IRC Services before 5.0.60 preserves channel founder privileges across a channel password change (ChanServ SET PASSWORD), which allows remote authenticated users to obtain the new password through automated e-mail, or perform privileged actions without knowing the new password."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[IRCServices] 20070324 Regarding Founder Passwords", "name": "[IRCServices] 20070324 Services 5.0.60 released",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://lists.ircservices.za.net/pipermail/ircservices/2007/005228.html" "url": "http://lists.ircservices.za.net/pipermail/ircservices/2007/005229.html"
}, },
{ {
"name" : "[IRCServices] 20070324 Services 5.0.60 released", "name": "[IRCServices] 20070324 Regarding Founder Passwords",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://lists.ircservices.za.net/pipermail/ircservices/2007/005229.html" "url": "http://lists.ircservices.za.net/pipermail/ircservices/2007/005228.html"
}, },
{ {
"name" : "http://www.ircservices.za.net/Changes.txt", "name": "http://www.ircservices.za.net/Changes.txt",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.ircservices.za.net/Changes.txt" "url": "http://www.ircservices.za.net/Changes.txt"
}, },
{ {
"name" : "41691", "name": "ircservices-doset-privilege-escalation(34945)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://osvdb.org/41691" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34945"
}, },
{ {
"name" : "ircservices-doset-privilege-escalation(34945)", "name": "41691",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34945" "url": "http://osvdb.org/41691"
} }
] ]
} }

86
2007/3xxx/CVE-2007-3288.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3288", "ID": "CVE-2007-3288",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the skeltoac stats (Automattic Stats) 1.0 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer field." "value": "Cross-site scripting (XSS) vulnerability in the skeltoac stats (Automattic Stats) 1.0 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer field."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070619 Persistent cross-site scripting in wordpress.com dashboard", "name": "24551",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/471734/100/0/threaded" "url": "http://www.securityfocus.com/bid/24551"
}, },
{ {
"name" : "24551", "name": "automatticstats-wordpress-header-xss(34934)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/24551" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34934"
}, },
{ {
"name" : "38472", "name": "2826",
"refsource" : "OSVDB", "refsource": "SREASON",
"url" : "http://osvdb.org/38472" "url": "http://securityreason.com/securityalert/2826"
}, },
{ {
"name" : "2826", "name": "38472",
"refsource" : "SREASON", "refsource": "OSVDB",
"url" : "http://securityreason.com/securityalert/2826" "url": "http://osvdb.org/38472"
}, },
{ {
"name" : "automatticstats-wordpress-header-xss(34934)", "name": "20070619 Persistent cross-site scripting in wordpress.com dashboard",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34934" "url": "http://www.securityfocus.com/archive/1/471734/100/0/threaded"
} }
] ]
} }

170
2007/3xxx/CVE-2007-3851.json
View File

@ -1,151 +1,151 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2007-3851", "ID": "CVE-2007-3851",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager (DRM) to write to arbitrary memory locations and gain privileges via a crafted batchbuffer." "value": "The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager (DRM) to write to arbitrary memory locations and gain privileges via a crafted batchbuffer."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2", "name": "25263",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2" "url": "http://www.securityfocus.com/bid/25263"
}, },
{ {
"name" : "https://issues.rpath.com/browse/RPL-1620", "name": "26389",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "https://issues.rpath.com/browse/RPL-1620" "url": "http://secunia.com/advisories/26389"
}, },
{ {
"name" : "DSA-1356", "name": "27227",
"refsource" : "DEBIAN", "refsource": "SECUNIA",
"url" : "http://www.debian.org/security/2007/dsa-1356" "url": "http://secunia.com/advisories/27227"
}, },
{ {
"name" : "MDVSA-2008:105", "name": "26664",
"refsource" : "MANDRIVA", "refsource": "SECUNIA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105" "url": "http://secunia.com/advisories/26664"
}, },
{ {
"name" : "RHSA-2007:0705", "name": "26643",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0705.html" "url": "http://secunia.com/advisories/26643"
}, },
{ {
"name" : "SUSE-SA:2007:051", "name": "SUSE-SA:2007:051",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_51_kernel.html" "url": "http://www.novell.com/linux/security/advisories/2007_51_kernel.html"
}, },
{ {
"name" : "SUSE-SA:2007:053", "name": "SUSE-SA:2007:053",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_53_kernel.html" "url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
}, },
{ {
"name" : "USN-510-1", "name": "https://issues.rpath.com/browse/RPL-1620",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "http://www.ubuntu.com/usn/usn-510-1" "url": "https://issues.rpath.com/browse/RPL-1620"
}, },
{ {
"name" : "USN-509-1", "name": "USN-510-1",
"refsource" : "UBUNTU", "refsource": "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-509-1" "url": "http://www.ubuntu.com/usn/usn-510-1"
}, },
{ {
"name" : "25263", "name": "DSA-1356",
"refsource" : "BID", "refsource": "DEBIAN",
"url" : "http://www.securityfocus.com/bid/25263" "url": "http://www.debian.org/security/2007/dsa-1356"
}, },
{ {
"name" : "oval:org.mitre.oval:def:11196", "name": "USN-509-1",
"refsource" : "OVAL", "refsource": "UBUNTU",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11196" "url": "http://www.ubuntu.com/usn/usn-509-1"
}, },
{ {
"name" : "ADV-2007-2854", "name": "oval:org.mitre.oval:def:11196",
"refsource" : "VUPEN", "refsource": "OVAL",
"url" : "http://www.vupen.com/english/advisories/2007/2854" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11196"
}, },
{ {
"name" : "26389", "name": "26760",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/26389" "url": "http://secunia.com/advisories/26760"
}, },
{ {
"name" : "26500", "name": "RHSA-2007:0705",
"refsource" : "SECUNIA", "refsource": "REDHAT",
"url" : "http://secunia.com/advisories/26500" "url": "http://www.redhat.com/support/errata/RHSA-2007-0705.html"
}, },
{ {
"name" : "26450", "name": "MDVSA-2008:105",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/26450" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105"
}, },
{ {
"name" : "26643", "name": "ADV-2007-2854",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/26643" "url": "http://www.vupen.com/english/advisories/2007/2854"
}, },
{ {
"name" : "26760", "name": "26500",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/26760" "url": "http://secunia.com/advisories/26500"
}, },
{ {
"name" : "26664", "name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/26664" "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2"
}, },
{ {
"name" : "27227", "name": "26450",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/27227" "url": "http://secunia.com/advisories/26450"
} }
] ]
} }

22
2007/3xxx/CVE-2007-3995.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3995", "ID": "CVE-2007-3995",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

86
2007/4xxx/CVE-2007-4969.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4969", "ID": "CVE-2007-4969",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Process Monitor 1.22 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API functions including (1) NtCreateKey, (2) NtDeleteValueKey, (3) NtLoadKey, (4) NtOpenKey, (5) NtQueryValueKey, (6) NtSetValueKey, and (7) NtUnloadKey." "value": "Process Monitor 1.22 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API functions including (1) NtCreateKey, (2) NtDeleteValueKey, (3) NtLoadKey, (4) NtOpenKey, (5) NtQueryValueKey, (6) NtSetValueKey, and (7) NtUnloadKey."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070918 Plague in (security) software drivers & BSDOhook utility", "name": "25719",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/479830/100/0/threaded" "url": "http://www.securityfocus.com/bid/25719"
}, },
{ {
"name" : "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php", "name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php" "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
}, },
{ {
"name" : "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php", "name": "45953",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php" "url": "http://osvdb.org/45953"
}, },
{ {
"name" : "25719", "name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/25719" "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
}, },
{ {
"name" : "45953", "name": "20070918 Plague in (security) software drivers & BSDOhook utility",
"refsource" : "OSVDB", "refsource": "BUGTRAQ",
"url" : "http://osvdb.org/45953" "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
} }
] ]
} }

116
2007/6xxx/CVE-2007-6691.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6691", "ID": "CVE-2007-6691",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to (1) \"hotlink protection\" in the URL rewrite module, (2) a WebDAV view in the WebDAV module, (3) a comment view in the Comment module, (4) unspecified \"item information disclosure attacks\" in the Core module Gallery application, (5) the slideshow in the Slideshow module, and (6) multiple Print modules." "value": "Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to (1) \"hotlink protection\" in the URL rewrite module, (2) a WebDAV view in the WebDAV module, (3) a comment view in the Comment module, (4) unspecified \"item information disclosure attacks\" in the Core module Gallery application, (5) the slideshow in the Slideshow module, and (6) multiple Print modules."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://gallery.menalto.com/gallery_2.2.4_released", "name": "41664",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://gallery.menalto.com/gallery_2.2.4_released" "url": "http://osvdb.org/41664"
}, },
{ {
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=203217", "name": "http://gallery.menalto.com/gallery_2.2.4_released",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=203217" "url": "http://gallery.menalto.com/gallery_2.2.4_released"
}, },
{ {
"name" : "GLSA-200802-04", "name": "GLSA-200802-04",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200802-04.xml" "url": "http://security.gentoo.org/glsa/glsa-200802-04.xml"
}, },
{ {
"name" : "41662", "name": "41662",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/41662" "url": "http://osvdb.org/41662"
}, },
{ {
"name" : "41663", "name": "41665",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/41663" "url": "http://osvdb.org/41665"
}, },
{ {
"name" : "41664", "name": "41667",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/41664" "url": "http://osvdb.org/41667"
}, },
{ {
"name" : "41665", "name": "41666",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/41665" "url": "http://osvdb.org/41666"
}, },
{ {
"name" : "41666", "name": "28898",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://osvdb.org/41666" "url": "http://secunia.com/advisories/28898"
}, },
{ {
"name" : "41667", "name": "http://bugs.gentoo.org/show_bug.cgi?id=203217",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://osvdb.org/41667" "url": "http://bugs.gentoo.org/show_bug.cgi?id=203217"
}, },
{ {
"name" : "28898", "name": "41663",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/28898" "url": "http://osvdb.org/41663"
} }
] ]
} }

80
2010/0xxx/CVE-2010-0086.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2010-0086", "ID": "CVE-2010-0086",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0855." "value": "Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0855."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html", "name": "TA10-103B",
"refsource" : "CONFIRM", "refsource": "CERT",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html" "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
}, },
{ {
"name" : "TA10-103B", "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html",
"refsource" : "CERT", "refsource": "CONFIRM",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-103B.html" "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
}, },
{ {
"name" : "1023869", "name": "1023869",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id?1023869" "url": "http://www.securitytracker.com/id?1023869"
}, },
{ {
"name" : "39439", "name": "39439",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/39439" "url": "http://secunia.com/advisories/39439"
} }
] ]
} }

74
2010/0xxx/CVE-2010-0691.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0691", "ID": "CVE-2010-0691",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows remote attackers to execute arbitrary SQL commands via the s parameter." "value": "SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows remote attackers to execute arbitrary SQL commands via the s parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "11445", "name": "11445",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/11445" "url": "http://www.exploit-db.com/exploits/11445"
}, },
{ {
"name" : "62329", "name": "62329",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/62329" "url": "http://osvdb.org/62329"
}, },
{ {
"name" : "38588", "name": "38588",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/38588" "url": "http://secunia.com/advisories/38588"
} }
] ]
} }

80
2010/1xxx/CVE-2010-1046.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-1046", "ID": "CVE-2010-1046",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) userid (username) and (2) password parameters." "value": "Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) userid (username) and (2) password parameters."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "11356", "name": "62162",
"refsource" : "EXPLOIT-DB", "refsource": "OSVDB",
"url" : "http://www.exploit-db.com/exploits/11356" "url": "http://osvdb.org/62162"
}, },
{ {
"name" : "62162", "name": "38440",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://osvdb.org/62162" "url": "http://secunia.com/advisories/38440"
}, },
{ {
"name" : "38440", "name": "ADV-2010-0318",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/38440" "url": "http://www.vupen.com/english/advisories/2010/0318"
}, },
{ {
"name" : "ADV-2010-0318", "name": "11356",
"refsource" : "VUPEN", "refsource": "EXPLOIT-DB",
"url" : "http://www.vupen.com/english/advisories/2010/0318" "url": "http://www.exploit-db.com/exploits/11356"
} }
] ]
} }

74
2010/1xxx/CVE-2010-1559.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-1559", "ID": "CVE-2010-1559",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a speakerpopup action to index.php. NOTE: some of these details are obtained from third party information." "value": "SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a speakerpopup action to index.php. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://joomlacode.org/gf/project/sermon_speaker/forum/?action=ForumBrowse&forum_id=7897&_forum_action=ForumMessageBrowse&thread_id=15219", "name": "http://joomlacode.org/gf/project/sermon_speaker/news/?action=NewsThreadView&id=2549",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://joomlacode.org/gf/project/sermon_speaker/forum/?action=ForumBrowse&forum_id=7897&_forum_action=ForumMessageBrowse&thread_id=15219" "url": "http://joomlacode.org/gf/project/sermon_speaker/news/?action=NewsThreadView&id=2549"
}, },
{ {
"name" : "http://joomlacode.org/gf/project/sermon_speaker/news/?action=NewsThreadView&id=2549", "name": "http://joomlacode.org/gf/project/sermon_speaker/forum/?action=ForumBrowse&forum_id=7897&_forum_action=ForumMessageBrowse&thread_id=15219",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://joomlacode.org/gf/project/sermon_speaker/news/?action=NewsThreadView&id=2549" "url": "http://joomlacode.org/gf/project/sermon_speaker/forum/?action=ForumBrowse&forum_id=7897&_forum_action=ForumMessageBrowse&thread_id=15219"
}, },
{ {
"name" : "39385", "name": "39385",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/39385" "url": "http://secunia.com/advisories/39385"
} }
] ]
} }

74
2010/1xxx/CVE-2010-1881.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-1881", "ID": "CVE-2010-1881",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The FieldList ActiveX control in the Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 does not properly interact with the memory-access approach used by Internet Explorer and Office during instantiation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTML document that references this control along with crafted persistent storage data, aka \"ACCWIZ.dll Uninitialized Variable Vulnerability.\"" "value": "The FieldList ActiveX control in the Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 does not properly interact with the memory-access approach used by Internet Explorer and Office during instantiation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTML document that references this control along with crafted persistent storage data, aka \"ACCWIZ.dll Uninitialized Variable Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS10-044", "name": "MS10-044",
"refsource" : "MS", "refsource": "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-044" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-044"
}, },
{ {
"name" : "TA10-194A", "name": "TA10-194A",
"refsource" : "CERT", "refsource": "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-194A.html" "url": "http://www.us-cert.gov/cas/techalerts/TA10-194A.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:11756", "name": "oval:org.mitre.oval:def:11756",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11756" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11756"
} }
] ]
} }

62
2010/5xxx/CVE-2010-5072.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-5072", "ID": "CVE-2010-5072",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The JavaScript implementation in Opera 10.5 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method." "value": "The JavaScript implementation in Opera 10.5 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://w2spconf.com/2010/papers/p26.pdf", "name": "http://w2spconf.com/2010/papers/p26.pdf",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://w2spconf.com/2010/papers/p26.pdf" "url": "http://w2spconf.com/2010/papers/p26.pdf"
} }
] ]
} }

68
2010/5xxx/CVE-2010-5210.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-5210", "ID": "CVE-2010-5210",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Untrusted search path vulnerability in Sorax Reader 2.0.3129.70 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information." "value": "Untrusted search path vulnerability in Sorax Reader 2.0.3129.70 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/[sorax_pdf_reader]_2.0_insecure_dll_hijacking", "name": "http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/[sorax_pdf_reader]_2.0_insecure_dll_hijacking",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/[sorax_pdf_reader]_2.0_insecure_dll_hijacking" "url": "http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/[sorax_pdf_reader]_2.0_insecure_dll_hijacking"
}, },
{ {
"name" : "41411", "name": "41411",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/41411" "url": "http://secunia.com/advisories/41411"
} }
] ]
} }

62
2014/0xxx/CVE-2014-0413.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-0413", "ID": "CVE-2014-0413",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0426." "value": "Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0426."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
} }
] ]
} }

98
2014/0xxx/CVE-2014-0654.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-0654", "ID": "CVE-2014-0654",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cisco Context Directory Agent (CDA) allows remote attackers to modify the cache via a replay attack involving crafted RADIUS accounting messages, aka Bug ID CSCuj45383." "value": "Cisco Context Directory Agent (CDA) allows remote attackers to modify the cache via a replay attack involving crafted RADIUS accounting messages, aka Bug ID CSCuj45383."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32366", "name": "1029574",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32366" "url": "http://www.securitytracker.com/id/1029574"
}, },
{ {
"name" : "20140107 Cisco Context Directory Agent Replayed RADIUS Accounting Message Vulnerability", "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32366",
"refsource" : "CISCO", "refsource": "CONFIRM",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0654" "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32366"
}, },
{ {
"name" : "64709", "name": "64709",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/64709" "url": "http://www.securityfocus.com/bid/64709"
}, },
{ {
"name" : "101802", "name": "56365",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://osvdb.org/101802" "url": "http://secunia.com/advisories/56365"
}, },
{ {
"name" : "1029574", "name": "20140107 Cisco Context Directory Agent Replayed RADIUS Accounting Message Vulnerability",
"refsource" : "SECTRACK", "refsource": "CISCO",
"url" : "http://www.securitytracker.com/id/1029574" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0654"
}, },
{ {
"name" : "56365", "name": "101802",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/56365" "url": "http://osvdb.org/101802"
}, },
{ {
"name" : "cisco-cda-cve20140654-sec-bypass(90168)", "name": "cisco-cda-cve20140654-sec-bypass(90168)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90168" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90168"
} }
] ]
} }

68
2014/0xxx/CVE-2014-0739.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-0739", "ID": "CVE-2014-0739",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Race condition in the Phone Proxy component in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to bypass sec_db authentication and provide certain pass-through services to untrusted devices via a crafted configuration-file TFTP request, aka Bug ID CSCuj66766." "value": "Race condition in the Phone Proxy component in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to bypass sec_db authentication and provide certain pass-through services to untrusted devices via a crafted configuration-file TFTP request, aka Bug ID CSCuj66766."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32955", "name": "20140220 Cisco Adaptive Security Appliance Phone Proxy sec_db Race Condition Vulnerability",
"refsource" : "CONFIRM", "refsource": "CISCO",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32955" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0739"
}, },
{ {
"name" : "20140220 Cisco Adaptive Security Appliance Phone Proxy sec_db Race Condition Vulnerability", "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32955",
"refsource" : "CISCO", "refsource": "CONFIRM",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0739" "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32955"
} }
] ]
} }

86
2014/100xxx/CVE-2014-100010.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-100010", "ID": "CVE-2014-100010",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in ClanSphere 2011.4 allows remote attackers to inject arbitrary web script or HTML via the where parameter in a list action to index.php." "value": "Cross-site scripting (XSS) vulnerability in ClanSphere 2011.4 allows remote attackers to inject arbitrary web script or HTML via the where parameter in a list action to index.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20140307 [HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability", "name": "20140310 [HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability",
"refsource" : "BUGTRAQ", "refsource": "FULLDISC",
"url" : "http://www.securityfocus.com/archive/1/531373/100/0/threaded" "url": "http://seclists.org/fulldisclosure/2014/Mar/73"
}, },
{ {
"name" : "20140310 [HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability", "name": "https://www.httpcs.com/advisory/httpcs127",
"refsource" : "FULLDISC", "refsource": "MISC",
"url" : "http://seclists.org/fulldisclosure/2014/Mar/73" "url": "https://www.httpcs.com/advisory/httpcs127"
}, },
{ {
"name" : "https://www.httpcs.com/advisory/httpcs127", "name": "57306",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "https://www.httpcs.com/advisory/httpcs127" "url": "http://secunia.com/advisories/57306"
}, },
{ {
"name" : "66058", "name": "20140307 [HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/66058" "url": "http://www.securityfocus.com/archive/1/531373/100/0/threaded"
}, },
{ {
"name" : "57306", "name": "66058",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/57306" "url": "http://www.securityfocus.com/bid/66058"
} }
] ]
} }

62
2014/1xxx/CVE-2014-1279.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-1279", "ID": "CVE-2014-1279",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Apple TV before 6.1 does not properly restrict logging, which allows local users to obtain sensitive information by reading log data." "value": "Apple TV before 6.1 does not properly restrict logging, which allows local users to obtain sensitive information by reading log data."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT6163", "name": "http://support.apple.com/kb/HT6163",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT6163" "url": "http://support.apple.com/kb/HT6163"
} }
] ]
} }

104
2014/1xxx/CVE-2014-1618.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1618", "ID": "CVE-2014-1618",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in UAEPD Shopping Cart Script allow remote attackers to execute arbitrary SQL commands via the (1) cat_id or (2) p_id parameter to products.php or id parameter to (3) page.php or (4) news.php." "value": "Multiple SQL injection vulnerabilities in UAEPD Shopping Cart Script allow remote attackers to execute arbitrary SQL commands via the (1) cat_id or (2) p_id parameter to products.php or id parameter to (3) page.php or (4) news.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://packetstormsecurity.com/files/124723/uaepdshopping-sql.txt", "name": "http://www.iphobos.com/blog/2014/01/04/uaepd-script-multiple-sql-injection-vulnerabilty",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packetstormsecurity.com/files/124723/uaepdshopping-sql.txt" "url": "http://www.iphobos.com/blog/2014/01/04/uaepd-script-multiple-sql-injection-vulnerabilty"
}, },
{ {
"name" : "http://www.iphobos.com/blog/2014/01/04/uaepd-script-multiple-sql-injection-vulnerabilty", "name": "101899",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://www.iphobos.com/blog/2014/01/04/uaepd-script-multiple-sql-injection-vulnerabilty" "url": "http://osvdb.org/101899"
}, },
{ {
"name" : "64734", "name": "http://packetstormsecurity.com/files/124723/uaepdshopping-sql.txt",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/64734" "url": "http://packetstormsecurity.com/files/124723/uaepdshopping-sql.txt"
}, },
{ {
"name" : "101859", "name": "uaepd-multiple-sql-injection(90214)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://osvdb.org/101859" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90214"
}, },
{ {
"name" : "101899", "name": "64734",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://osvdb.org/101899" "url": "http://www.securityfocus.com/bid/64734"
}, },
{ {
"name" : "101900", "name": "101859",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/101900" "url": "http://osvdb.org/101859"
}, },
{ {
"name" : "56351", "name": "56351",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/56351" "url": "http://secunia.com/advisories/56351"
}, },
{ {
"name" : "uaepd-multiple-sql-injection(90214)", "name": "101900",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90214" "url": "http://osvdb.org/101900"
} }
] ]
} }

74
2014/5xxx/CVE-2014-5594.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5594", "ID": "CVE-2014-5594",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The CIBC Mobile Banking (aka com.cibc.android.mobi) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." "value": "The CIBC Mobile Banking (aka com.cibc.android.mobi) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "name": "VU#184209",
"refsource" : "MISC", "refsource": "CERT-VN",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "url": "http://www.kb.cert.org/vuls/id/184209"
}, },
{ {
"name" : "VU#184209", "name": "VU#582497",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/184209" "url": "http://www.kb.cert.org/vuls/id/582497"
}, },
{ {
"name" : "VU#582497", "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "CERT-VN", "refsource": "MISC",
"url" : "http://www.kb.cert.org/vuls/id/582497" "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
} }
] ]
} }

74
2014/5xxx/CVE-2014-5980.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5980", "ID": "CVE-2014-5980",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Genertel (aka com.genertel) application 2.6.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." "value": "The Genertel (aka com.genertel) application 2.6.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "name": "VU#286729",
"refsource" : "MISC", "refsource": "CERT-VN",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "url": "http://www.kb.cert.org/vuls/id/286729"
}, },
{ {
"name" : "VU#286729", "name": "VU#582497",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/286729" "url": "http://www.kb.cert.org/vuls/id/582497"
}, },
{ {
"name" : "VU#582497", "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "CERT-VN", "refsource": "MISC",
"url" : "http://www.kb.cert.org/vuls/id/582497" "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
} }
] ]
} }

74
2015/2xxx/CVE-2015-2408.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2408", "ID": "CVE-2015-2408",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-1767 and CVE-2015-2401." "value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-1767 and CVE-2015-2401."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-458", "name": "1032894",
"refsource" : "MISC", "refsource": "SECTRACK",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-458" "url": "http://www.securitytracker.com/id/1032894"
}, },
{ {
"name" : "MS15-065", "name": "MS15-065",
"refsource" : "MS", "refsource": "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065"
}, },
{ {
"name" : "1032894", "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-458",
"refsource" : "SECTRACK", "refsource": "MISC",
"url" : "http://www.securitytracker.com/id/1032894" "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-458"
} }
] ]
} }

80
2015/2xxx/CVE-2015-2566.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-2566", "ID": "CVE-2015-2566",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML." "value": "Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "name": "GLSA-201507-19",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" "url": "https://security.gentoo.org/glsa/201507-19"
}, },
{ {
"name" : "GLSA-201507-19", "name": "1032121",
"refsource" : "GENTOO", "refsource": "SECTRACK",
"url" : "https://security.gentoo.org/glsa/201507-19" "url": "http://www.securitytracker.com/id/1032121"
}, },
{ {
"name" : "SUSE-SU-2015:0946", "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html" "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
}, },
{ {
"name" : "1032121", "name": "SUSE-SU-2015:0946",
"refsource" : "SECTRACK", "refsource": "SUSE",
"url" : "http://www.securitytracker.com/id/1032121" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"
} }
] ]
} }

122
2015/2xxx/CVE-2015-2697.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2697", "ID": "CVE-2015-2697",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\\0' character in a long realm field within a TGS request." "value": "The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\\0' character in a long realm field within a TGS request."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8252", "name": "https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8252" "url": "https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789"
}, },
{ {
"name" : "https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789", "name": "77581",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789" "url": "http://www.securityfocus.com/bid/77581"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "name": "SUSE-SU-2015:1897",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html"
}, },
{ {
"name" : "DSA-3395", "name": "GLSA-201611-14",
"refsource" : "DEBIAN", "refsource": "GENTOO",
"url" : "http://www.debian.org/security/2015/dsa-3395" "url": "https://security.gentoo.org/glsa/201611-14"
}, },
{ {
"name" : "GLSA-201611-14", "name": "1034084",
"refsource" : "GENTOO", "refsource": "SECTRACK",
"url" : "https://security.gentoo.org/glsa/201611-14" "url": "http://www.securitytracker.com/id/1034084"
}, },
{ {
"name" : "SUSE-SU-2015:1897", "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00006.html" "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
}, },
{ {
"name" : "openSUSE-SU-2015:1928", "name": "openSUSE-SU-2015:1997",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html"
}, },
{ {
"name" : "openSUSE-SU-2015:1997", "name": "openSUSE-SU-2015:1928",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00014.html"
}, },
{ {
"name" : "USN-2810-1", "name": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8252",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "http://www.ubuntu.com/usn/USN-2810-1" "url": "http://krbdev.mit.edu/rt/Ticket/Display.html?id=8252"
}, },
{ {
"name" : "77581", "name": "DSA-3395",
"refsource" : "BID", "refsource": "DEBIAN",
"url" : "http://www.securityfocus.com/bid/77581" "url": "http://www.debian.org/security/2015/dsa-3395"
}, },
{ {
"name" : "1034084", "name": "USN-2810-1",
"refsource" : "SECTRACK", "refsource": "UBUNTU",
"url" : "http://www.securitytracker.com/id/1034084" "url": "http://www.ubuntu.com/usn/USN-2810-1"
} }
] ]
} }

74
2016/10xxx/CVE-2016-10205.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10205", "ID": "CVE-2016-10205",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie." "value": "Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20170204 Re: [FOXMOLE SA 2016-07-05] ZoneMinder - Multiple Issues", "name": "[oss-security] 20170204 Re: [FOXMOLE SA 2016-07-05] ZoneMinder - Multiple Issues",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2017/02/05/1" "url": "http://www.openwall.com/lists/oss-security/2017/02/05/1"
}, },
{ {
"name" : "https://www.foxmole.com/advisories/foxmole-2016-07-05.txt", "name": "97116",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://www.foxmole.com/advisories/foxmole-2016-07-05.txt" "url": "http://www.securityfocus.com/bid/97116"
}, },
{ {
"name" : "97116", "name": "https://www.foxmole.com/advisories/foxmole-2016-07-05.txt",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/97116" "url": "https://www.foxmole.com/advisories/foxmole-2016-07-05.txt"
} }
] ]
} }

68
2016/10xxx/CVE-2016-10222.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10222", "ID": "CVE-2016-10222",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (segmentation violation and application crash) via crafted JavaScript code that triggers a \"type confusion\" in the JSON.stringify function." "value": "runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (segmentation violation and application crash) via crafted JavaScript code that triggers a \"type confusion\" in the JSON.stringify function."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://trac.webkit.org/changeset/208123", "name": "http://trac.webkit.org/changeset/208123",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://trac.webkit.org/changeset/208123" "url": "http://trac.webkit.org/changeset/208123"
}, },
{ {
"name" : "https://bugs.webkit.org/show_bug.cgi?id=164123", "name": "https://bugs.webkit.org/show_bug.cgi?id=164123",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugs.webkit.org/show_bug.cgi?id=164123" "url": "https://bugs.webkit.org/show_bug.cgi?id=164123"
} }
] ]
} }

64
2016/10xxx/CVE-2016-10562.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2016-10562", "ID": "CVE-2016-10562",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "iedriver node module", "product_name": "iedriver node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "<3.0.0" "version_value": "<3.0.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "iedriver is an NPM wrapper for Selenium IEDriver. iedriver versions below 3.0.0 download binary resources over HTTP, which leaves the module vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." "value": "iedriver is an NPM wrapper for Selenium IEDriver. iedriver versions below 3.0.0 download binary resources over HTTP, which leaves the module vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Missing Encryption of Sensitive Data (CWE-311)" "value": "Missing Encryption of Sensitive Data (CWE-311)"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://nodesecurity.io/advisories/174", "name": "https://nodesecurity.io/advisories/174",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://nodesecurity.io/advisories/174" "url": "https://nodesecurity.io/advisories/174"
} }
] ]
} }

86
2016/3xxx/CVE-2016-3622.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-3622", "ID": "CVE-2016-3622",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted TIFF image." "value": "The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted TIFF image."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20160407 CVE-2016-3622 libtiff: Divide By Zero in the tiff2rgba tool", "name": "1035508",
"refsource" : "MLIST", "refsource": "SECTRACK",
"url" : "http://www.openwall.com/lists/oss-security/2016/04/07/4" "url": "http://www.securitytracker.com/id/1035508"
}, },
{ {
"name" : "DSA-3762", "name": "85917",
"refsource" : "DEBIAN", "refsource": "BID",
"url" : "http://www.debian.org/security/2017/dsa-3762" "url": "http://www.securityfocus.com/bid/85917"
}, },
{ {
"name" : "GLSA-201701-16", "name": "GLSA-201701-16",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-16" "url": "https://security.gentoo.org/glsa/201701-16"
}, },
{ {
"name" : "85917", "name": "[oss-security] 20160407 CVE-2016-3622 libtiff: Divide By Zero in the tiff2rgba tool",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/85917" "url": "http://www.openwall.com/lists/oss-security/2016/04/07/4"
}, },
{ {
"name" : "1035508", "name": "DSA-3762",
"refsource" : "SECTRACK", "refsource": "DEBIAN",
"url" : "http://www.securitytracker.com/id/1035508" "url": "http://www.debian.org/security/2017/dsa-3762"
} }
] ]
} }

74
2016/4xxx/CVE-2016-4536.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2016-4536", "ID": "CVE-2016-4536",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic." "value": "The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[OpenAFS-announce] 20160316 OpenAFS security release 1.6.17 available", "name": "https://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "https://lists.openafs.org/pipermail/openafs-announce/2016/000496.html" "url": "https://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt"
}, },
{ {
"name" : "https://www.openafs.org/dl/openafs/1.6.17/RELNOTES-1.6.17", "name": "https://www.openafs.org/dl/openafs/1.6.17/RELNOTES-1.6.17",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.openafs.org/dl/openafs/1.6.17/RELNOTES-1.6.17" "url": "https://www.openafs.org/dl/openafs/1.6.17/RELNOTES-1.6.17"
}, },
{ {
"name" : "https://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt", "name": "[OpenAFS-announce] 20160316 OpenAFS security release 1.6.17 available",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt" "url": "https://lists.openafs.org/pipermail/openafs-announce/2016/000496.html"
} }
] ]
} }

86
2016/4xxx/CVE-2016-4858.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-4858", "ID": "CVE-2016-4858",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Splunk Enterprise", "product_name": "Splunk Enterprise",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.4.x prior to 6.4.2" "version_value": "6.4.x prior to 6.4.2"
}, },
{ {
"version_value" : "6.3.x prior to 6.3.6" "version_value": "6.3.x prior to 6.3.6"
}, },
{ {
"version_value" : "6.2.x prior to 6.2.10" "version_value": "6.2.x prior to 6.2.10"
}, },
{ {
"version_value" : "6.1.x prior to 6.1.11" "version_value": "6.1.x prior to 6.1.11"
}, },
{ {
"version_value" : "6.0.x prior to 6.0.12" "version_value": "6.0.x prior to 6.0.12"
}, },
{ {
"version_value" : "5.0.x prior to 5.0.16" "version_value": "5.0.x prior to 5.0.16"
} }
] ]
} }
}, },
{ {
"product_name" : "Splunk Light", "product_name": "Splunk Light",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to 6.4.2" "version_value": "prior to 6.4.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Splunk Inc." "vendor_name": "Splunk Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterprise 5.0.x prior to 5.0.16 and Splunk Light prior to 6.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." "value": "Cross-site scripting vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.10, Splunk Enterprise 6.1.x prior to 6.1.11, Splunk Enterprise 6.0.x prior to 6.0.12, Splunk Enterprise 5.0.x prior to 5.0.16 and Splunk Light prior to 6.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting" "value": "Cross-site scripting"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.splunk.com/view/SP-CAAAPN9", "name": "https://www.splunk.com/view/SP-CAAAPN9",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.splunk.com/view/SP-CAAAPN9" "url": "https://www.splunk.com/view/SP-CAAAPN9"
}, },
{ {
"name" : "JVN#71462075", "name": "JVN#71462075",
"refsource" : "JVN", "refsource": "JVN",
"url" : "https://jvn.jp/en/jp/JVN71462075/index.html" "url": "https://jvn.jp/en/jp/JVN71462075/index.html"
} }
] ]
} }

22
2016/8xxx/CVE-2016-8264.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-8264", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2016-8264",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }

68
2016/8xxx/CVE-2016-8802.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@huawei.com", "ASSIGNER": "psirt@huawei.com",
"ID" : "CVE-2016-8802", "ID": "CVE-2016-8802",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Secospace USG6300,Secospace USG6500,Secospace USG6600 Secospace USG6300 V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200,Secospace USG6500 V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200,Secospace USG6600 V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200,", "product_name": "Secospace USG6300,Secospace USG6500,Secospace USG6600 Secospace USG6300 V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200,Secospace USG6500 V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200,Secospace USG6600 V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200,",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Secospace USG6300,Secospace USG6500,Secospace USG6600 Secospace USG6300 V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200,Secospace USG6500 V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200,Secospace USG6600 V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200," "version_value": "Secospace USG6300,Secospace USG6500,Secospace USG6600 Secospace USG6300 V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200,Secospace USG6500 V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200,Secospace USG6600 V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200,"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The security policy processing module in Huawei Secospace USG6300 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6500 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6600 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200 allows authenticated attackers to setup a specific security policy into the devices, causing a buffer overflow and crashing the system." "value": "The security policy processing module in Huawei Secospace USG6300 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6500 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6600 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200 allows authenticated attackers to setup a specific security policy into the devices, causing a buffer overflow and crashing the system."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "buffer overflow" "value": "buffer overflow"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161125-01-usg-en", "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161125-01-usg-en",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161125-01-usg-en" "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161125-01-usg-en"
}, },
{ {
"name" : "94538", "name": "94538",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/94538" "url": "http://www.securityfocus.com/bid/94538"
} }
] ]
} }

80
2016/8xxx/CVE-2016-8807.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@nvidia.com", "ASSIGNER": "psirt@nvidia.com",
"ID" : "CVE-2016-8807", "ID": "CVE-2016-8807",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Quadro, NVS, and GeForce (all versions)", "product_name": "Quadro, NVS, and GeForce (all versions)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Quadro, NVS, and GeForce (all versions)" "version_value": "Quadro, NVS, and GeForce (all versions)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x10000e9 where a value is passed from an user to the driver is used without validation as the size input to memcpy() causing a stack buffer overflow, leading to denial of service or potential escalation of privileges." "value": "For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x10000e9 where a value is passed from an user to the driver is used without validation as the size input to memcpy() causing a stack buffer overflow, leading to denial of service or potential escalation of privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Denial of Service" "value": "Denial of Service"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "40668", "name": "https://support.lenovo.com/us/en/solutions/LEN-10822",
"refsource" : "EXPLOIT-DB", "refsource": "CONFIRM",
"url" : "https://www.exploit-db.com/exploits/40668/" "url": "https://support.lenovo.com/us/en/solutions/LEN-10822"
}, },
{ {
"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4247", "name": "40668",
"refsource" : "CONFIRM", "refsource": "EXPLOIT-DB",
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4247" "url": "https://www.exploit-db.com/exploits/40668/"
}, },
{ {
"name" : "https://support.lenovo.com/us/en/solutions/LEN-10822", "name": "94002",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://support.lenovo.com/us/en/solutions/LEN-10822" "url": "http://www.securityfocus.com/bid/94002"
}, },
{ {
"name" : "94002", "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/94002" "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4247"
} }
] ]
} }

22
2016/8xxx/CVE-2016-8872.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-8872", "ID": "CVE-2016-8872",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

88
2016/9xxx/CVE-2016-9067.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2016-9067", "ID": "CVE-2016-9067",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "50" "version_value": "50"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50." "value": "Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "heap-use-after-free in nsINode::ReplaceOrInsertBefore" "value": "heap-use-after-free in nsINode::ReplaceOrInsertBefore"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1301777", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1301777",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1301777" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1301777"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1308922", "name": "94337",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1308922" "url": "http://www.securityfocus.com/bid/94337"
}, },
{ {
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-89/", "name": "1037298",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-89/" "url": "http://www.securitytracker.com/id/1037298"
}, },
{ {
"name" : "94337", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1308922",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/94337" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1308922"
}, },
{ {
"name" : "1037298", "name": "https://www.mozilla.org/security/advisories/mfsa2016-89/",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1037298" "url": "https://www.mozilla.org/security/advisories/mfsa2016-89/"
} }
] ]
} }

22
2016/9xxx/CVE-2016-9133.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9133", "ID": "CVE-2016-9133",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2016/9xxx/CVE-2016-9245.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "f5sirt@f5.com", "ASSIGNER": "f5sirt@f5.com",
"ID" : "CVE-2016-9245", "ID": "CVE-2016-9245",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, WebSafe", "product_name": "F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, WebSafe",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "12.1.0 - 12.1.2" "version_value": "12.1.0 - 12.1.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "F5 Networks" "vendor_name": "F5 Networks"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default \"Normalize URI\" configuration options used in iRules and/or BIG-IP LTM policies. An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group." "value": "In F5 BIG-IP systems 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default \"Normalize URI\" configuration options used in iRules and/or BIG-IP LTM policies. An attacker may be able to disrupt traffic or cause the BIG-IP system to fail over to another device in the device group."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "denial of service" "value": "denial of service"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.f5.com/csp/article/K22216037", "name": "https://support.f5.com/csp/article/K22216037",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.f5.com/csp/article/K22216037" "url": "https://support.f5.com/csp/article/K22216037"
}, },
{ {
"name" : "96471", "name": "1037964",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/96471" "url": "http://www.securitytracker.com/id/1037964"
}, },
{ {
"name" : "1037964", "name": "96471",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1037964" "url": "http://www.securityfocus.com/bid/96471"
} }
] ]
} }

92
2016/9xxx/CVE-2016-9379.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9379", "ID": "CVE-2016-9379",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file." "value": "The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://xenbits.xen.org/xsa/advisory-198.html", "name": "http://xenbits.xen.org/xsa/xsa198.patch",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://xenbits.xen.org/xsa/advisory-198.html" "url": "http://xenbits.xen.org/xsa/xsa198.patch"
}, },
{ {
"name" : "http://xenbits.xen.org/xsa/xsa198.patch", "name": "94473",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://xenbits.xen.org/xsa/xsa198.patch" "url": "http://www.securityfocus.com/bid/94473"
}, },
{ {
"name" : "https://support.citrix.com/article/CTX218775", "name": "GLSA-201612-56",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "https://support.citrix.com/article/CTX218775" "url": "https://security.gentoo.org/glsa/201612-56"
}, },
{ {
"name" : "GLSA-201612-56", "name": "http://xenbits.xen.org/xsa/advisory-198.html",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201612-56" "url": "http://xenbits.xen.org/xsa/advisory-198.html"
}, },
{ {
"name" : "94473", "name": "1037347",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/94473" "url": "http://www.securitytracker.com/id/1037347"
}, },
{ {
"name" : "1037347", "name": "https://support.citrix.com/article/CTX218775",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1037347" "url": "https://support.citrix.com/article/CTX218775"
} }
] ]
} }

22
2019/2xxx/CVE-2019-2391.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2391", "ID": "CVE-2019-2391",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

78
2019/2xxx/CVE-2019-2418.json
View File

@ -1,75 +1,75 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2019-2418", "ID": "CVE-2019-2418",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "WebLogic Server", "product_name": "WebLogic Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "10.3.6.0" "version_value": "10.3.6.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.1.3.0" "version_value": "12.1.3.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.1.3" "version_value": "12.2.1.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.0 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L)." "value": "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.0 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server." "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "name": "106617",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" "url": "http://www.securityfocus.com/bid/106617"
}, },
{ {
"name" : "106617", "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/106617" "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
} }
] ]
} }

22
2019/2xxx/CVE-2019-2483.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2483", "ID": "CVE-2019-2483",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/2xxx/CVE-2019-2956.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2956", "ID": "CVE-2019-2956",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/6xxx/CVE-2019-6015.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6015", "ID": "CVE-2019-6015",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

118
2019/6xxx/CVE-2019-6210.json
View File

@ -1,115 +1,115 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2019-6210", "ID": "CVE-2019-6210",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "iOS", "product_name": "iOS",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "iOS 12.1.3" "version_value": "iOS 12.1.3"
} }
] ]
} }
}, },
{ {
"product_name" : "macOS", "product_name": "macOS",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "macOS Mojave 10.14.3" "version_value": "macOS Mojave 10.14.3"
} }
] ]
} }
}, },
{ {
"product_name" : "tvOS", "product_name": "tvOS",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "tvOS 12.1.2" "version_value": "tvOS 12.1.2"
} }
] ]
} }
}, },
{ {
"product_name" : "watchOS", "product_name": "watchOS",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "watchOS 5.1.3" "version_value": "watchOS 5.1.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Apple" "vendor_name": "Apple"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to execute arbitrary code with kernel privileges." "value": "A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to execute arbitrary code with kernel privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A malicious application may be able to execute arbitrary code with kernel privileges" "value": "A malicious application may be able to execute arbitrary code with kernel privileges"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT209443", "name": "https://support.apple.com/HT209446",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT209443" "url": "https://support.apple.com/HT209446"
}, },
{ {
"name" : "https://support.apple.com/HT209446", "name": "https://support.apple.com/HT209443",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT209446" "url": "https://support.apple.com/HT209443"
}, },
{ {
"name" : "https://support.apple.com/HT209447", "name": "https://support.apple.com/HT209448",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT209447" "url": "https://support.apple.com/HT209448"
}, },
{ {
"name" : "https://support.apple.com/HT209448", "name": "106739",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://support.apple.com/HT209448" "url": "http://www.securityfocus.com/bid/106739"
}, },
{ {
"name" : "106739", "name": "https://support.apple.com/HT209447",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/106739" "url": "https://support.apple.com/HT209447"
} }
] ]
} }

22
2019/6xxx/CVE-2019-6332.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6332", "ID": "CVE-2019-6332",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/6xxx/CVE-2019-6987.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6987", "ID": "CVE-2019-6987",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/7xxx/CVE-2019-7449.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7449", "ID": "CVE-2019-7449",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2019/7xxx/CVE-2019-7543.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7543", "ID": "CVE-2019-7543",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting (XSS) vulnerability." "value": "In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting (XSS) vulnerability."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/0xUhaw/CVE-Bins/tree/master/KindEditor", "name": "https://github.com/0xUhaw/CVE-Bins/tree/master/KindEditor",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/0xUhaw/CVE-Bins/tree/master/KindEditor" "url": "https://github.com/0xUhaw/CVE-Bins/tree/master/KindEditor"
} }
] ]
} }

22
2019/7xxx/CVE-2019-7965.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7965", "ID": "CVE-2019-7965",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }