admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 01:00:07 +00:00
parent 68f102a273
commit cbb8f287bd
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
51 changed files with 3402 additions and 3402 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
1999/0xxx/CVE-1999-0430.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0430",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0430",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload."
"lang": "eng",
"value": "Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "1103",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/1103"
"name": "1103",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1103"
}
]
}

62
1999/0xxx/CVE-1999-0609.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0609",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0609",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An incorrect configuration of the SoftCart CGI program \"SoftCart.exe\" could disclose private information."
"lang": "eng",
"value": "An incorrect configuration of the SoftCart CGI program \"SoftCart.exe\" could disclose private information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "19990420 Shopping Carts exposing CC data",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=92462991805485&w=2"
"name": "19990420 Shopping Carts exposing CC data",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=92462991805485&w=2"
}
]
}

22
1999/1xxx/CVE-1999-1310.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-1310",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-1999-1310",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1022. Reason: This candidate is a duplicate of CVE-1999-1022. Notes: All CVE users should reference CVE-1999-1022 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1022. Reason: This candidate is a duplicate of CVE-1999-1022. Notes: All CVE users should reference CVE-1999-1022 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

80
2000/1xxx/CVE-2000-1032.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-1032",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1032",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall."
"lang": "eng",
"value": "The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20001101 Re: Samba 2.0.7 SWAT vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/142808"
"name": "20001101 Re: Samba 2.0.7 SWAT vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/142808"
},
{
"name" : "1890",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1890"
"name": "fw1-login-response(5816)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5816"
},
{
"name" : "fw1-login-response(5816)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5816"
"name": "1632",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1632"
},
{
"name" : "1632",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/1632"
"name": "1890",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1890"
}
]
}

80
2005/2xxx/CVE-2005-2419.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2419",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2419",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "B-FOCuS Router 312+ allows remote attackers to bypass authentication and gain unauthorized access via a direct request to firmwarecfg."
"lang": "eng",
"value": "B-FOCuS Router 312+ allows remote attackers to bypass authentication and gain unauthorized access via a direct request to firmwarecfg."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050724 ECI router login bypass",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=112230649106740&w=2"
"name": "16205",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16205"
},
{
"name" : "14364",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14364"
"name": "14364",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14364"
},
{
"name" : "16205",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16205"
"name": "eci-router-login-security-bypass(21521)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21521"
},
{
"name" : "eci-router-login-security-bypass(21521)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21521"
"name": "20050724 ECI router login bypass",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112230649106740&w=2"
}
]
}

98
2005/2xxx/CVE-2005-2838.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2838",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2838",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in login.php in myBloggie 2.1.3-beta and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter."
"lang": "eng",
"value": "SQL injection vulnerability in login.php in myBloggie 2.1.3-beta and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050905 Vulnerability in myBloggie 2.1.3-beta and prior",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=112607358831963&w=2"
"name": "20051211 [PHP-CHECKER] 99 potential SQL injection vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/419280/100/0/threaded"
},
{
"name" : "http://mywebland.com/forums/showtopic.php?t=399",
"refsource" : "CONFIRM",
"url" : "http://mywebland.com/forums/showtopic.php?t=399"
"name": "14739",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14739"
},
{
"name" : "20051211 [PHP-CHECKER] 99 potential SQL injection vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/419280/100/0/threaded"
"name": "http://mywebland.com/forums/showtopic.php?t=399",
"refsource": "CONFIRM",
"url": "http://mywebland.com/forums/showtopic.php?t=399"
},
{
"name" : "http://glide.stanford.edu/yichen/research/sec.pdf",
"refsource" : "MISC",
"url" : "http://glide.stanford.edu/yichen/research/sec.pdf"
"name": "http://glide.stanford.edu/yichen/research/sec.pdf",
"refsource": "MISC",
"url": "http://glide.stanford.edu/yichen/research/sec.pdf"
},
{
"name" : "14739",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14739"
"name": "16699",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16699"
},
{
"name" : "16699",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16699"
"name": "20050905 Vulnerability in myBloggie 2.1.3-beta and prior",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112607358831963&w=2"
},
{
"name" : "mybloggie-login-sql-injection(22162)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22162"
"name": "mybloggie-login-sql-injection(22162)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22162"
}
]
}

278
2005/2xxx/CVE-2005-2871.json
View File

@ -1,241 +1,241 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2871",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-2871",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all \"soft\" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec."
"lang": "eng",
"value": "Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all \"soft\" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20050909 Mozilla Firefox \"Host:\" Buffer Overflow",
"refsource" : "FULLDISC",
"url" : "http://marc.info/?l=full-disclosure&m=112624614008387&w=2"
"name": "VU#573857",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/573857"
},
{
"name" : "http://www.security-protocols.com/firefox-death.html",
"refsource" : "MISC",
"url" : "http://www.security-protocols.com/firefox-death.html"
"name": "DSA-868",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-868"
},
{
"name" : "http://www.security-protocols.com/advisory/sp-x17-advisory.txt",
"refsource" : "MISC",
"url" : "http://www.security-protocols.com/advisory/sp-x17-advisory.txt"
"name": "ADV-2005-1824",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/1824"
},
{
"name" : "20050911 FireFox \"Host:\" Buffer Overflow is not just exploitable on FireFox",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0316.html"
"name": "FLSA-2006:168375",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html"
},
{
"name" : "http://www.mozilla.org/security/announce/mfsa2005-57.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/mfsa2005-57.html"
"name": "ADV-2005-1690",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/1690"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=307259",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=307259"
"name": "83",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/83"
},
{
"name" : "DSA-837",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-837"
"name": "16767",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16767"
},
{
"name" : "DSA-868",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-868"
"name": "oval:org.mitre.oval:def:1287",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1287"
},
{
"name" : "DSA-866",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-866"
"name": "ADV-2005-1691",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/1691"
},
{
"name" : "FLSA-2006:168375",
"refsource" : "FEDORA",
"url" : "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html"
"name": "16764",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16764"
},
{
"name" : "GLSA-200509-11",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200509-11.xml"
"name": "DSA-837",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-837"
},
{
"name" : "MDKSA-2005:174",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174"
"name": "oval:org.mitre.oval:def:584",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A584"
},
{
"name" : "RHSA-2005:768",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-768.html"
"name": "USN-181-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-181-1"
},
{
"name" : "RHSA-2005:769",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-769.html"
"name": "RHSA-2005:791",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-791.html"
},
{
"name" : "RHSA-2005:791",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-791.html"
"name": "17042",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17042"
},
{
"name" : "USN-181-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-181-1"
"name": "14784",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14784"
},
{
"name" : "VU#573857",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/573857"
"name": "oval:org.mitre.oval:def:9608",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9608"
},
{
"name" : "P-303",
"refsource" : "CIAC",
"url" : "http://www.ciac.org/ciac/bulletins/p-303.shtml"
"name": "16766",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16766"
},
{
"name" : "http://www.securiteam.com/securitynews/5RP0B0UGVW.html",
"refsource" : "MISC",
"url" : "http://www.securiteam.com/securitynews/5RP0B0UGVW.html"
"name": "DSA-866",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-866"
},
{
"name" : "14784",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14784"
"name": "http://www.security-protocols.com/advisory/sp-x17-advisory.txt",
"refsource": "MISC",
"url": "http://www.security-protocols.com/advisory/sp-x17-advisory.txt"
},
{
"name" : "oval:org.mitre.oval:def:9608",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9608"
"name": "20050911 FireFox \"Host:\" Buffer Overflow is not just exploitable on FireFox",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0316.html"
},
{
"name" : "ADV-2005-1690",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/1690"
"name": "RHSA-2005:769",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-769.html"
},
{
"name" : "ADV-2005-1691",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/1691"
"name": "1014877",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014877"
},
{
"name" : "ADV-2005-1824",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/1824"
"name": "http://www.mozilla.org/security/announce/mfsa2005-57.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/mfsa2005-57.html"
},
{
"name" : "19255",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/19255"
"name": "http://www.securiteam.com/securitynews/5RP0B0UGVW.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/securitynews/5RP0B0UGVW.html"
},
{
"name" : "oval:org.mitre.oval:def:1287",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1287"
"name": "17284",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17284"
},
{
"name" : "oval:org.mitre.oval:def:584",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A584"
"name": "19255",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19255"
},
{
"name" : "1014877",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1014877"
"name": "17263",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17263"
},
{
"name" : "16764",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16764"
"name": "RHSA-2005:768",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-768.html"
},
{
"name" : "16766",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16766"
"name": "P-303",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-303.shtml"
},
{
"name" : "16767",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16767"
"name": "GLSA-200509-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200509-11.xml"
},
{
"name" : "17042",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17042"
"name": "http://www.security-protocols.com/firefox-death.html",
"refsource": "MISC",
"url": "http://www.security-protocols.com/firefox-death.html"
},
{
"name" : "17090",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17090"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=307259",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=307259"
},
{
"name" : "17284",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17284"
"name": "MDKSA-2005:174",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174"
},
{
"name" : "17263",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17263"
"name": "17090",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17090"
},
{
"name" : "83",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/83"
"name": "20050909 Mozilla Firefox \"Host:\" Buffer Overflow",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=112624614008387&w=2"
},
{
"name" : "mozilla-url-bo(22207)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22207"
"name": "mozilla-url-bo(22207)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22207"
}
]
}

74
2007/1xxx/CVE-2007-1154.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1154",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1154",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in webSPELL allows remote attackers to execute arbitrary SQL commands via a ws_auth cookie, a different vulnerability than CVE-2006-4782."
"lang": "eng",
"value": "SQL injection vulnerability in webSPELL allows remote attackers to execute arbitrary SQL commands via a ws_auth cookie, a different vulnerability than CVE-2006-4782."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070222 WebSpell > 4.0 Authentication Bypass and arbitrary code execution",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/460937/100/0/threaded"
"name": "webspell-login-sql-injection(32669)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32669"
},
{
"name" : "2337",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2337"
"name": "2337",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2337"
},
{
"name" : "webspell-login-sql-injection(32669)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32669"
"name": "20070222 WebSpell > 4.0 Authentication Bypass and arbitrary code execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460937/100/0/threaded"
}
]
}

80
2007/5xxx/CVE-2007-5062.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5062",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5062",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "account.php in Adam Scheinberg Flip 3.0 and earlier allows remote attackers to create administrative accounts via the un parameter in a register action."
"lang": "eng",
"value": "account.php in Adam Scheinberg Flip 3.0 and earlier allows remote attackers to create administrative accounts via the un parameter in a register action."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4435",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4435"
"name": "4435",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4435"
},
{
"name" : "25746",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25746"
"name": "41904",
"refsource": "OSVDB",
"url": "http://osvdb.org/41904"
},
{
"name" : "41904",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41904"
"name": "flip-account-unauthorized-access(36709)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36709"
},
{
"name" : "flip-account-unauthorized-access(36709)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36709"
"name": "25746",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25746"
}
]
}

116
2007/5xxx/CVE-2007-5082.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5082",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5082",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter."
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070927 Computer Associates BrightStor HSM r11.5 Multiple Vulnerabilities",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=601"
"name": "ca-brightstor-csagent-bo(36825)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36825"
},
{
"name" : "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/480808/100/0/threaded"
"name": "26914",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26914"
},
{
"name" : "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp",
"refsource" : "CONFIRM",
"url" : "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"
"name": "20070927 Computer Associates BrightStor HSM r11.5 Multiple Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=601"
},
{
"name" : "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690",
"refsource" : "CONFIRM",
"url" : "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690"
"name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"
},
{
"name" : "http://dvlabs.tippingpoint.com/advisory/TPTI-07-16",
"refsource" : "CONFIRM",
"url" : "http://dvlabs.tippingpoint.com/advisory/TPTI-07-16"
"name": "ADV-2007-3275",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3275"
},
{
"name" : "25823",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25823"
"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-16",
"refsource": "CONFIRM",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-16"
},
{
"name" : "ADV-2007-3275",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3275"
"name": "25823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25823"
},
{
"name" : "1018747",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1018747"
"name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690"
},
{
"name" : "26914",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26914"
"name": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"
},
{
"name" : "ca-brightstor-csagent-bo(36825)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36825"
"name": "1018747",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018747"
}
]
}

122
2007/5xxx/CVE-2007-5301.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5301",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5301",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the vorbis_stream_info function in input/vorbis/vorbis_engine.c (aka the vorbis input plugin) in AlsaPlayer before 0.99.80-rc3 allows remote attackers to execute arbitrary code via a .OGG file with long comments."
"lang": "eng",
"value": "Buffer overflow in the vorbis_stream_info function in input/vorbis/vorbis_engine.c (aka the vorbis input plugin) in AlsaPlayer before 0.99.80-rc3 allows remote attackers to execute arbitrary code via a .OGG file with long comments."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080409 [CVE-2007-5301] alsaplayer PoC - exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/490671/100/0/threaded"
"name": "DSA-1538",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1538"
},
{
"name" : "5424",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/5424"
"name": "25969",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25969"
},
{
"name" : "http://www.wekk.net/research/CVE-2007-5301/CVE-2007-5301-exploit.sh",
"refsource" : "MISC",
"url" : "http://www.wekk.net/research/CVE-2007-5301/CVE-2007-5301-exploit.sh"
"name": "27117",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27117"
},
{
"name" : "http://sourceforge.net/forum/forum.php?forum_id=742584",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/forum/forum.php?forum_id=742584"
"name": "5424",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5424"
},
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=544663&group_id=249",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=544663&group_id=249"
"name": "alsaplayer-vorbis-input-bo(36996)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36996"
},
{
"name" : "DSA-1538",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1538"
"name": "20080409 [CVE-2007-5301] alsaplayer PoC - exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490671/100/0/threaded"
},
{
"name" : "25969",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25969"
"name": "29680",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29680"
},
{
"name" : "ADV-2007-3393",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3393"
"name": "http://sourceforge.net/forum/forum.php?forum_id=742584",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=742584"
},
{
"name" : "27117",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27117"
"name": "http://www.wekk.net/research/CVE-2007-5301/CVE-2007-5301-exploit.sh",
"refsource": "MISC",
"url": "http://www.wekk.net/research/CVE-2007-5301/CVE-2007-5301-exploit.sh"
},
{
"name" : "29680",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29680"
"name": "ADV-2007-3393",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3393"
},
{
"name" : "alsaplayer-vorbis-input-bo(36996)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36996"
"name": "http://sourceforge.net/project/shownotes.php?release_id=544663&group_id=249",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=544663&group_id=249"
}
]
}

110
2007/5xxx/CVE-2007-5590.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5590",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5590",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in Miranda before 0.7.1 allow remote attackers to execute arbitrary code via unspecified vectors involving (1) IRC options, (2) Jabber forms, and unspecified aspects of the (3) ICQ and (4) Yahoo! instant messaging functionality. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Multiple buffer overflows in Miranda before 0.7.1 allow remote attackers to execute arbitrary code via unspecified vectors involving (1) IRC options, (2) Jabber forms, and unspecified aspects of the (3) ICQ and (4) Yahoo! instant messaging functionality. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://sourceforge.net/project/shownotes.php?group_id=94142&release_id=547866",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?group_id=94142&release_id=547866"
"name": "http://sourceforge.net/project/shownotes.php?group_id=94142&release_id=547866",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=94142&release_id=547866"
},
{
"name" : "26115",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26115"
"name": "41805",
"refsource": "OSVDB",
"url": "http://osvdb.org/41805"
},
{
"name" : "ADV-2007-3539",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3539"
"name": "27287",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27287"
},
{
"name" : "41804",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41804"
"name": "41806",
"refsource": "OSVDB",
"url": "http://osvdb.org/41806"
},
{
"name" : "41805",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41805"
"name": "41807",
"refsource": "OSVDB",
"url": "http://osvdb.org/41807"
},
{
"name" : "41806",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41806"
"name": "41804",
"refsource": "OSVDB",
"url": "http://osvdb.org/41804"
},
{
"name" : "41807",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41807"
"name": "miranda-im-multiple-bo(37291)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37291"
},
{
"name" : "27287",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27287"
"name": "ADV-2007-3539",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3539"
},
{
"name" : "miranda-im-multiple-bo(37291)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37291"
"name": "26115",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26115"
}
]
}

80
2007/5xxx/CVE-2007-5719.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5719",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5719",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in bb_func_search.php in miniBB 2.1 allows remote attackers to execute arbitrary SQL commands via the table parameter to index.php."
"lang": "eng",
"value": "SQL injection vulnerability in bb_func_search.php in miniBB 2.1 allows remote attackers to execute arbitrary SQL commands via the table parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4587",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4587"
"name": "minibb-table-sql-injection(38152)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38152"
},
{
"name" : "http://www.minibb.net/forums/9_4888_0.html",
"refsource" : "CONFIRM",
"url" : "http://www.minibb.net/forums/9_4888_0.html"
"name": "4587",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4587"
},
{
"name" : "26249",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26249"
"name": "http://www.minibb.net/forums/9_4888_0.html",
"refsource": "CONFIRM",
"url": "http://www.minibb.net/forums/9_4888_0.html"
},
{
"name" : "minibb-table-sql-injection(38152)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38152"
"name": "26249",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26249"
}
]
}

22
2007/5xxx/CVE-2007-5765.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5765",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5765",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2009/2xxx/CVE-2009-2172.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2172",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2172",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in forum/radioandtv.php in the Radio and TV Player addon for vBulletin allows remote registered users to inject arbitrary web script or HTML via the station parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in forum/radioandtv.php in the Radio and TV Player addon for vBulletin allows remote registered users to inject arbitrary web script or HTML via the station parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "8965",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/8965"
"name": "35385",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35385"
},
{
"name" : "35385",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35385"
"name": "8965",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8965"
}
]
}

80
2009/2xxx/CVE-2009-2496.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2496",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2009-2496",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 SP1, and Office Small Business Accounting 2006 allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka \"Office Web Components Heap Corruption Vulnerability.\""
"lang": "eng",
"value": "Heap-based buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 SP1, and Office Small Business Accounting 2006 allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka \"Office Web Components Heap Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS09-043",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-043"
"name": "TA09-223A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-223A.html"
},
{
"name" : "TA09-223A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-223A.html"
"name": "1022708",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022708"
},
{
"name" : "oval:org.mitre.oval:def:5645",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5645"
"name": "oval:org.mitre.oval:def:5645",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5645"
},
{
"name" : "1022708",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1022708"
"name": "MS09-043",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-043"
}
]
}

86
2009/2xxx/CVE-2009-2812.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2812",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2812",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automatic opening of a file, and execute arbitrary code, via a crafted web site."
"lang": "eng",
"value": "Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automatic opening of a file, and execute arbitrary code, via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT3865",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT3865"
"name": "36361",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36361"
},
{
"name" : "APPLE-SA-2009-09-10-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
"name": "57954",
"refsource": "OSVDB",
"url": "http://osvdb.org/57954"
},
{
"name" : "36361",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/36361"
"name": "APPLE-SA-2009-09-10-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html"
},
{
"name" : "57954",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/57954"
"name": "http://support.apple.com/kb/HT3865",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3865"
},
{
"name" : "36701",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/36701"
"name": "36701",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36701"
}
]
}

74
2015/0xxx/CVE-2015-0028.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0028",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-0028",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-0048."
"lang": "eng",
"value": "Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-0048."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS15-009",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009"
"name": "1031723",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031723"
},
{
"name" : "72442",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72442"
"name": "MS15-009",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009"
},
{
"name" : "1031723",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031723"
"name": "72442",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72442"
}
]
}

68
2015/0xxx/CVE-2015-0795.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0795",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"ID": "CVE-2015-0795",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in the SafeShellExecute method in the NetIQExecObject.NetIQExec.1 ActiveX control in NetIQExec.dll in NetIQ Security Solutions for iSeries 8.1 allow remote attackers to execute arbitrary code via long arguments, aka ZDI-CAN-2699."
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the SafeShellExecute method in the NetIQExecObject.NetIQExec.1 ActiveX control in NetIQExec.dll in NetIQ Security Solutions for iSeries 8.1 allow remote attackers to execute arbitrary code via long arguments, aka ZDI-CAN-2699."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-340/",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-340/"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-340/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-340/"
},
{
"name" : "https://www.netiq.com/support/kb/doc.php?id=7016656",
"refsource" : "CONFIRM",
"url" : "https://www.netiq.com/support/kb/doc.php?id=7016656"
"name": "https://www.netiq.com/support/kb/doc.php?id=7016656",
"refsource": "CONFIRM",
"url": "https://www.netiq.com/support/kb/doc.php?id=7016656"
}
]
}

86
2015/3xxx/CVE-2015-3000.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3000",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3000",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SysAid Help Desk before 15.2 allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of nested entity references in an XML document to (1) /agententry, (2) /rdsmonitoringresponse, or (3) /androidactions, aka an XML Entity Expansion (XEE) attack."
"lang": "eng",
"value": "SysAid Help Desk before 15.2 allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of nested entity references in an XML document to (1) /agententry, (2) /rdsmonitoringresponse, or (3) /androidactions, aka an XML Entity Expansion (XEE) attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150603 [Multiple CVE's]: various critical vulnerabilities in SysAid Help Desk (RCE, file download, DoS, etc)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/535679/100/0/threaded"
"name": "20150603 [Multiple CVE's]: various critical vulnerabilities in SysAid Help Desk (RCE, file download, DoS, etc)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Jun/8"
},
{
"name" : "20150603 [Multiple CVE's]: various critical vulnerabilities in SysAid Help Desk (RCE, file download, DoS, etc)",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Jun/8"
"name": "20150603 [Multiple CVE's]: various critical vulnerabilities in SysAid Help Desk (RCE, file download, DoS, etc)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535679/100/0/threaded"
},
{
"name" : "http://packetstormsecurity.com/files/132138/SysAid-Help-Desk-14.4-Code-Execution-Denial-Of-Service-Traversal-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/132138/SysAid-Help-Desk-14.4-Code-Execution-Denial-Of-Service-Traversal-SQL-Injection.html"
"name": "http://packetstormsecurity.com/files/132138/SysAid-Help-Desk-14.4-Code-Execution-Denial-Of-Service-Traversal-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132138/SysAid-Help-Desk-14.4-Code-Execution-Denial-Of-Service-Traversal-SQL-Injection.html"
},
{
"name" : "https://www.sysaid.com/blog/entry/sysaid-15-2-your-voice-your-service-desk",
"refsource" : "CONFIRM",
"url" : "https://www.sysaid.com/blog/entry/sysaid-15-2-your-voice-your-service-desk"
"name": "75038",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75038"
},
{
"name" : "75038",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75038"
"name": "https://www.sysaid.com/blog/entry/sysaid-15-2-your-voice-your-service-desk",
"refsource": "CONFIRM",
"url": "https://www.sysaid.com/blog/entry/sysaid-15-2-your-voice-your-service-desk"
}
]
}

22
2015/3xxx/CVE-2015-3851.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3851",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3851",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

86
2015/4xxx/CVE-2015-4127.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4127",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4127",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the church_admin plugin before 0.810 for WordPress allows remote attackers to inject arbitrary web script or HTML via the address parameter, as demonstrated by a request to index.php/2015/05/21/church_admin-registration-form/."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the church_admin plugin before 0.810 for WordPress allows remote attackers to inject arbitrary web script or HTML via the address parameter, as demonstrated by a request to index.php/2015/05/21/church_admin-registration-form/."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "37112",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/37112/"
"name": "121304",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/121304"
},
{
"name" : "http://packetstormsecurity.com/files/132034/WordPress-Church-Admin-0.800-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/132034/WordPress-Church-Admin-0.800-Cross-Site-Scripting.html"
"name": "74782",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74782"
},
{
"name" : "https://wordpress.org/plugins/church-admin/changelog/",
"refsource" : "CONFIRM",
"url" : "https://wordpress.org/plugins/church-admin/changelog/"
"name": "https://wordpress.org/plugins/church-admin/changelog/",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/church-admin/changelog/"
},
{
"name" : "74782",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74782"
"name": "http://packetstormsecurity.com/files/132034/WordPress-Church-Admin-0.800-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132034/WordPress-Church-Admin-0.800-Cross-Site-Scripting.html"
},
{
"name" : "121304",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/121304"
"name": "37112",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37112/"
}
]
}

98
2015/4xxx/CVE-2015-4143.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4143",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4143",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload."
"lang": "eng",
"value": "The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150509 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/05/09/6"
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name" : "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/05/31/6"
"name": "DSA-3397",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name" : "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt",
"refsource" : "CONFIRM",
"url" : "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
"name": "GLSA-201606-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name" : "DSA-3397",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3397"
"name": "USN-2650-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"name" : "GLSA-201606-17",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201606-17"
"name": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt",
"refsource": "CONFIRM",
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"name" : "openSUSE-SU-2015:1030",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
"name": "openSUSE-SU-2015:1030",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name" : "USN-2650-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2650-1"
"name": "[oss-security] 20150509 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
}
]
}

164
2015/4xxx/CVE-2015-4792.json
View File

@ -1,146 +1,146 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4792",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-4792",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
"name": "openSUSE-SU-2015:2244",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
"name": "RHSA-2016:1481",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1481.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
"name": "1033894",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033894"
},
{
"name" : "DSA-3385",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3385"
"name": "RHSA-2016:1132",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1132"
},
{
"name" : "DSA-3377",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3377"
"name": "RHSA-2016:0534",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0534.html"
},
{
"name" : "FEDORA-2016-e30164d0a2",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html"
"name": "USN-2781-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2781-1"
},
{
"name" : "RHSA-2016:0534",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0534.html"
"name": "SUSE-SU-2016:0296",
"refsource": "SUSE",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html"
},
{
"name" : "RHSA-2016:0705",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0705.html"
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name" : "RHSA-2016:1132",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:1132"
"name": "77171",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77171"
},
{
"name" : "RHSA-2016:1480",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name" : "RHSA-2016:1481",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1481.html"
"name": "RHSA-2016:1480",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html"
},
{
"name" : "SUSE-SU-2016:0296",
"refsource" : "SUSE",
"url" : "https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html"
"name": "openSUSE-SU-2015:2246",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html"
},
{
"name" : "openSUSE-SU-2016:0368",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html"
"name": "DSA-3385",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3385"
},
{
"name" : "openSUSE-SU-2015:2244",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name" : "openSUSE-SU-2015:2246",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html"
"name": "openSUSE-SU-2016:0368",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html"
},
{
"name" : "USN-2781-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2781-1"
"name": "DSA-3377",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3377"
},
{
"name" : "77171",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/77171"
"name": "RHSA-2016:0705",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html"
},
{
"name" : "1033894",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033894"
"name": "FEDORA-2016-e30164d0a2",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html"
}
]
}

92
2015/4xxx/CVE-2015-4877.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4877",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-4877",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4878."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4878."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20151026 Secunia Research: Oracle Outside In Two Buffer Overflow Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/536762/100/0/threaded"
"name": "20151026 Secunia Research: Oracle Outside In Two Buffer Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536762/100/0/threaded"
},
{
"name" : "38788",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/38788/"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name" : "http://packetstormsecurity.com/files/134089/Oracle-Outside-In-Buffer-Overflow.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/134089/Oracle-Outside-In-Buffer-Overflow.html"
"name": "38788",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38788/"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
"name": "1033898",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033898"
},
{
"name" : "77130",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/77130"
"name": "http://packetstormsecurity.com/files/134089/Oracle-Outside-In-Buffer-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134089/Oracle-Outside-In-Buffer-Overflow.html"
},
{
"name" : "1033898",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033898"
"name": "77130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77130"
}
]
}

68
2015/4xxx/CVE-2015-4891.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4891",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-4891",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to NSCD."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via vectors related to NSCD."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name" : "1033881",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033881"
"name": "1033881",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033881"
}
]
}

86
2015/8xxx/CVE-2015-8051.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8051",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-8051",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Adobe Premiere Clip app before 1.2.1 for iOS mishandles unspecified input, which has unknown impact and attack vectors."
"lang": "eng",
"value": "The Adobe Premiere Clip app before 1.2.1 for iOS mishandles unspecified input, which has unknown impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20151118 Adobe Premiere Clip v1.1.1 iOS - (cid:x) Filter Bypass & Persistent Software Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/536928/100/0/threaded"
"name": "20151118 Adobe Premiere Clip v1.1.1 iOS - (cid:x) Filter Bypass & Persistent Software Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536928/100/0/threaded"
},
{
"name" : "20151118 Adobe Premiere Clip v1.1.1 iOS - (cid:x) Filter Bypass & Persistent Software Vulnerability",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Nov/81"
"name": "https://helpx.adobe.com/security/products/premiereclip/apsb15-31.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/premiereclip/apsb15-31.html"
},
{
"name" : "http://www.vulnerability-lab.com/get_content.php?id=1478",
"refsource" : "MISC",
"url" : "http://www.vulnerability-lab.com/get_content.php?id=1478"
"name": "http://www.vulnerability-lab.com/get_content.php?id=1478",
"refsource": "MISC",
"url": "http://www.vulnerability-lab.com/get_content.php?id=1478"
},
{
"name" : "https://helpx.adobe.com/security/products/premiereclip/apsb15-31.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/premiereclip/apsb15-31.html"
"name": "20151118 Adobe Premiere Clip v1.1.1 iOS - (cid:x) Filter Bypass & Persistent Software Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Nov/81"
},
{
"name" : "77624",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/77624"
"name": "77624",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77624"
}
]
}

62
2015/8xxx/CVE-2015-8318.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8318",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8318",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2015-8319."
"lang": "eng",
"value": "Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2015-8319."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160104-04-smartphone-en",
"refsource" : "CONFIRM",
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160104-04-smartphone-en"
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160104-04-smartphone-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160104-04-smartphone-en"
}
]
}

98
2015/8xxx/CVE-2015-8387.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8387",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8387",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror."
"lang": "eng",
"value": "PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20151128 Re: Heap Overflow in PCRE",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/11/29/1"
"name": "[oss-security] 20151128 Re: Heap Overflow in PCRE",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/11/29/1"
},
{
"name" : "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup",
"refsource" : "CONFIRM",
"url" : "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup"
"name": "82990",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/82990"
},
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
"name": "FEDORA-2015-eb896290d3",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html"
},
{
"name" : "https://bto.bluecoat.com/security-advisory/sa128",
"refsource" : "CONFIRM",
"url" : "https://bto.bluecoat.com/security-advisory/sa128"
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"name" : "FEDORA-2015-eb896290d3",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html"
"name": "https://bto.bluecoat.com/security-advisory/sa128",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa128"
},
{
"name" : "GLSA-201607-02",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201607-02"
"name": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup",
"refsource": "CONFIRM",
"url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup"
},
{
"name" : "82990",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/82990"
"name": "GLSA-201607-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-02"
}
]
}

74
2015/8xxx/CVE-2015-8571.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8571",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8571",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in Autodesk Design Review (ADR) before 2013 Hotfix 2 allows remote attackers to execute arbitrary code via a crafted biClrUsed value in a BMP file, which triggers a buffer overflow."
"lang": "eng",
"value": "Integer overflow in Autodesk Design Review (ADR) before 2013 Hotfix 2 allows remote attackers to execute arbitrary code via a crafted biClrUsed value in a BMP file, which triggers a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-617",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-617"
"name": "79800",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79800"
},
{
"name" : "https://knowledge.autodesk.com/support/design-review/downloads/caas/downloads/content/autodesk-design-review-2013-hotfix.html",
"refsource" : "CONFIRM",
"url" : "https://knowledge.autodesk.com/support/design-review/downloads/caas/downloads/content/autodesk-design-review-2013-hotfix.html"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-617",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-617"
},
{
"name" : "79800",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/79800"
"name": "https://knowledge.autodesk.com/support/design-review/downloads/caas/downloads/content/autodesk-design-review-2013-hotfix.html",
"refsource": "CONFIRM",
"url": "https://knowledge.autodesk.com/support/design-review/downloads/caas/downloads/content/autodesk-design-review-2013-hotfix.html"
}
]
}

170
2015/8xxx/CVE-2015-8776.json
View File

@ -1,151 +1,151 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8776",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-8776",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value."
"lang": "eng",
"value": "The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[libc-alpha] 20160219 The GNU C Library version 2.23 is now available",
"refsource" : "MLIST",
"url" : "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
"name": "SUSE-SU-2016:0471",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
},
{
"name" : "[oss-security] 20160119 CVE assignment request for security bugs fixed in glibc 2.23",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/01/19/11"
"name": "FEDORA-2016-68abc0be35",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
},
{
"name" : "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/01/20/1"
"name": "RHSA-2017:1916",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1916"
},
{
"name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=18985",
"refsource" : "CONFIRM",
"url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=18985"
"name": "DSA-3481",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3481"
},
{
"name" : "DSA-3481",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3481"
"name": "openSUSE-SU-2016:0510",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
},
{
"name" : "DSA-3480",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3480"
"name": "SUSE-SU-2016:0470",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
},
{
"name" : "FEDORA-2016-68abc0be35",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html"
"name": "RHSA-2017:0680",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
},
{
"name" : "GLSA-201602-02",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201602-02"
"name": "USN-2985-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"name" : "GLSA-201702-11",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201702-11"
"name": "[oss-security] 20160119 Re: CVE assignment request for security bugs fixed in glibc 2.23",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/20/1"
},
{
"name" : "RHSA-2017:0680",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0680.html"
"name": "GLSA-201702-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-11"
},
{
"name" : "RHSA-2017:1916",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:1916"
"name": "GLSA-201602-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201602-02"
},
{
"name" : "SUSE-SU-2016:0470",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html"
"name": "SUSE-SU-2016:0472",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
},
{
"name" : "SUSE-SU-2016:0471",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html"
"name": "SUSE-SU-2016:0473",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
},
{
"name" : "SUSE-SU-2016:0472",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html"
"name": "[libc-alpha] 20160219 The GNU C Library version 2.23 is now available",
"refsource": "MLIST",
"url": "https://www.sourceware.org/ml/libc-alpha/2016-02/msg00502.html"
},
{
"name" : "SUSE-SU-2016:0473",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html"
"name": "[oss-security] 20160119 CVE assignment request for security bugs fixed in glibc 2.23",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/11"
},
{
"name" : "openSUSE-SU-2016:0510",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html"
"name": "83277",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/83277"
},
{
"name" : "USN-2985-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2985-1"
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=18985",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18985"
},
{
"name" : "USN-2985-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2985-2"
"name": "DSA-3480",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3480"
},
{
"name" : "83277",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/83277"
"name": "USN-2985-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2985-1"
}
]
}

68
2016/1xxx/CVE-2016-1862.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1862",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-1862",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1860."
"lang": "eng",
"value": "Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1860."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT206567",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206567"
"name": "https://support.apple.com/HT206567",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206567"
},
{
"name" : "APPLE-SA-2016-05-16-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
"name": "APPLE-SA-2016-05-16-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
}
]
}

134
2016/5xxx/CVE-2016-5629.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5629",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-5629",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
"name": "RHSA-2016:2749",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2749.html"
},
{
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/",
"refsource" : "CONFIRM",
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/"
"name": "RHSA-2016:2131",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2131.html"
},
{
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/",
"refsource" : "CONFIRM",
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/"
"name": "93668",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93668"
},
{
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/",
"refsource" : "CONFIRM",
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/"
"name": "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/"
},
{
"name" : "GLSA-201701-01",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-01"
"name": "GLSA-201701-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-01"
},
{
"name" : "RHSA-2016:2130",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2130.html"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name" : "RHSA-2016:2131",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2131.html"
"name": "RHSA-2016:2130",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2130.html"
},
{
"name" : "RHSA-2016:2595",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2595.html"
"name": "RHSA-2016:2927",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2927.html"
},
{
"name" : "RHSA-2016:2749",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2749.html"
"name": "RHSA-2016:2595",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2595.html"
},
{
"name" : "RHSA-2016:2927",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2927.html"
"name": "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/"
},
{
"name" : "RHSA-2016:2928",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2928.html"
"name": "1037050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037050"
},
{
"name" : "93668",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93668"
"name": "RHSA-2016:2928",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2928.html"
},
{
"name" : "1037050",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037050"
"name": "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/"
}
]
}

22
2016/5xxx/CVE-2016-5753.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5753",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5753",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/2xxx/CVE-2018-2301.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-2301",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-2301",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}

84
2018/2xxx/CVE-2018-2468.json
View File

@ -1,80 +1,80 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2468",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2468",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "SAP Adaptive Server Enterprise (ASE)",
"version" : {
"version_data" : [
"product_name": "SAP Adaptive Server Enterprise (ASE)",
"version": {
"version_data": [
{
"version_affected" : "=",
"version_value" : "15.7"
"version_affected": "=",
"version_value": "15.7"
},
{
"version_affected" : "=",
"version_value" : "16.0"
"version_affected": "=",
"version_value": "16.0"
}
]
}
}
]
},
"vendor_name" : "SAP"
"vendor_name": "SAP"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Under certain conditions the backup server in SAP Adaptive Server Enterprise (ASE), versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted."
"lang": "eng",
"value": "Under certain conditions the backup server in SAP Adaptive Server Enterprise (ASE), versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information Disclosure"
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://launchpad.support.sap.com/#/notes/2678615",
"refsource" : "MISC",
"url" : "https://launchpad.support.sap.com/#/notes/2678615"
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095"
},
{
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095",
"refsource" : "CONFIRM",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095"
"name": "105527",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105527"
},
{
"name" : "105527",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105527"
"name": "https://launchpad.support.sap.com/#/notes/2678615",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2678615"
}
]
},
"source" : {
"discovery" : "UNKNOWN"
"source": {
"discovery": "UNKNOWN"
}
}

102
2018/2xxx/CVE-2018-2636.json
View File

@ -1,95 +1,95 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-2636",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2636",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Hospitality Simphony",
"version" : {
"version_data" : [
"product_name": "Hospitality Simphony",
"version": {
"version_data": [
{
"version_affected" : "=",
"version_value" : "2.7"
"version_affected": "=",
"version_value": "2.7"
},
{
"version_affected" : "=",
"version_value" : "2.8"
"version_affected": "=",
"version_value": "2.8"
},
{
"version_affected" : "=",
"version_value" : "2.9"
"version_affected": "=",
"version_value": "2.9"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). Supported versions that are affected are 2.7, 2.8 and 2.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Simphony. CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)."
"lang": "eng",
"value": "Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). Supported versions that are affected are 2.7, 2.8 and 2.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Simphony. CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Simphony."
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Simphony."
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "43960",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/43960/"
"name": "https://github.com/erpscanteam/CVE-2018-2636",
"refsource": "MISC",
"url": "https://github.com/erpscanteam/CVE-2018-2636"
},
{
"name" : "https://erpscan.io/press-center/blog/oracle-micros-pos-breached/",
"refsource" : "MISC",
"url" : "https://erpscan.io/press-center/blog/oracle-micros-pos-breached/"
"name": "https://erpscan.io/advisories/erpscan-18-002-oracle-micros-pos-missing-authorisation-check/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-18-002-oracle-micros-pos-missing-authorisation-check/"
},
{
"name" : "https://erpscan.io/advisories/erpscan-18-002-oracle-micros-pos-missing-authorisation-check/",
"refsource" : "MISC",
"url" : "https://erpscan.io/advisories/erpscan-18-002-oracle-micros-pos-missing-authorisation-check/"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name" : "https://github.com/erpscanteam/CVE-2018-2636",
"refsource" : "MISC",
"url" : "https://github.com/erpscanteam/CVE-2018-2636"
"name": "43960",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43960/"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
"name": "https://erpscan.io/press-center/blog/oracle-micros-pos-breached/",
"refsource": "MISC",
"url": "https://erpscan.io/press-center/blog/oracle-micros-pos-breached/"
},
{
"name" : "102560",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/102560"
"name": "102560",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102560"
}
]
}

94
2018/6xxx/CVE-2018-6065.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "chrome-cve-admin@google.com",
"ID" : "CVE-2018-6065",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2018-6065",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Chrome",
"version" : {
"version_data" : [
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected" : "<",
"version_value" : "65.0.3325.146"
"version_affected": "<",
"version_value": "65.0.3325.146"
}
]
}
}
]
},
"vendor_name" : "Google"
"vendor_name": "Google"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
"lang": "eng",
"value": "Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Integer overflow"
"lang": "eng",
"value": "Integer overflow"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "44584",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/44584/"
"name": "https://crbug.com/808192",
"refsource": "MISC",
"url": "https://crbug.com/808192"
},
{
"name" : "https://crbug.com/808192",
"refsource" : "MISC",
"url" : "https://crbug.com/808192"
"name": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
},
{
"name" : "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"refsource" : "CONFIRM",
"url" : "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
"name": "103297",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103297"
},
{
"name" : "DSA-4182",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4182"
"name": "RHSA-2018:0484",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
},
{
"name" : "RHSA-2018:0484",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:0484"
"name": "44584",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44584/"
},
{
"name" : "103297",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103297"
"name": "DSA-4182",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4182"
}
]
}

62
2018/6xxx/CVE-2018-6778.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6778",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6778",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A008268."
"lang": "eng",
"value": "In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A008268."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A008268",
"refsource" : "MISC",
"url" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A008268"
"name": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A008268",
"refsource": "MISC",
"url": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A008268"
}
]
}

62
2018/6xxx/CVE-2018-6786.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6786",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6786",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220840."
"lang": "eng",
"value": "In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220840."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KVFG_220840",
"refsource" : "MISC",
"url" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KVFG_220840"
"name": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KVFG_220840",
"refsource": "MISC",
"url": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KVFG_220840"
}
]
}

118
2019/0xxx/CVE-2019-0029.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2019-01-09T17:00:00.000Z",
"ID" : "CVE-2019-0029",
"STATE" : "PUBLIC",
"TITLE" : " Juniper ATP: Splunk credentials are in logged in clear text"
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-01-09T17:00:00.000Z",
"ID": "CVE-2019-0029",
"STATE": "PUBLIC",
"TITLE": " Juniper ATP: Splunk credentials are in logged in clear text"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Juniper ATP",
"version" : {
"version_data" : [
"product_name": "Juniper ATP",
"version": {
"version_data": [
{
"affected" : "<",
"version_name" : "5.0",
"version_value" : "5.0.3"
"affected": "<",
"version_name": "5.0",
"version_value": "5.0.3"
}
]
}
}
]
},
"vendor_name" : "Juniper Networks"
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Juniper ATP Series Splunk credentials are logged in a file readable by authenticated local users. Using these credentials an attacker can access the Splunk server. This issue affects Juniper ATP 5.0 versions prior to 5.0.3."
"lang": "eng",
"value": "Juniper ATP Series Splunk credentials are logged in a file readable by authenticated local users. Using these credentials an attacker can access the Splunk server. This issue affects Juniper ATP 5.0 versions prior to 5.0.3."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "LOCAL",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "LOW",
"scope" : "CHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version" : "3.0"
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE - 256 : Plaintext Storage of a Password\n"
"lang": "eng",
"value": "CWE - 256 : Plaintext Storage of a Password\n"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://kb.juniper.net/JSA10918",
"refsource" : "CONFIRM",
"url" : "https://kb.juniper.net/JSA10918"
"name": "https://kb.juniper.net/JSA10918",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10918"
}
]
},
"solution" : [
"solution": [
{
"lang" : "eng",
"value" : "The following software release have been updated to resolve this specific issue: 5.0.3 and all subsequent releases.\nIt is suggested to change the Splunk credentials after the upgrade to the fixed version."
"lang": "eng",
"value": "The following software release have been updated to resolve this specific issue: 5.0.3 and all subsequent releases.\nIt is suggested to change the Splunk credentials after the upgrade to the fixed version."
}
],
"source" : {
"advisory" : "JSA10918",
"defect" : [
"source": {
"advisory": "JSA10918",
"defect": [
"1365601"
],
"discovery" : "INTERNAL"
"discovery": "INTERNAL"
},
"work_around" : [
"work_around": [
{
"lang" : "eng",
"value" : "There are no known workarounds for this issue, however limit the access to only trusted administrators from trusted administrative networks or hosts would minimize the risk."
"lang": "eng",
"value": "There are no known workarounds for this issue, however limit the access to only trusted administrators from trusted administrative networks or hosts would minimize the risk."
}
]
}

22
2019/0xxx/CVE-2019-0314.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0314",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0314",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1208.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1208",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1208",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1241.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1241",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1241",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1242.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1242",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1242",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1582.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1582",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1582",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1877.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1877",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1877",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5037.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5037",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5037",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5245.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5245",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5245",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5247.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5247",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5247",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5998.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5998",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5998",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}