admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 01:42:59 +00:00
parent cbc90d7ea2
commit ce01638c03
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
66 changed files with 4082 additions and 4082 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
1999/0xxx/CVE-1999-0228.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0228", "ID": "CVE-1999-0228",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT." "value": "Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "Q162567", "name": "Q162567",
"refsource" : "MSKB", "refsource": "MSKB",
"url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q162567" "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q162567"
} }
] ]
} }

68
1999/0xxx/CVE-1999-0969.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0969", "ID": "CVE-1999-0969",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially setting up a loop, aka Snork." "value": "The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially setting up a loop, aka Snork."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS98-014", "name": "Q193233",
"refsource" : "MS", "refsource": "MSKB",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-014" "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q193233"
}, },
{ {
"name" : "Q193233", "name": "MS98-014",
"refsource" : "MSKB", "refsource": "MS",
"url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q193233" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-014"
} }
] ]
} }

74
1999/1xxx/CVE-1999-1431.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1431", "ID": "CVE-1999-1431",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "ZAK in Appstation mode allows users to bypass the \"Run only allowed apps\" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe." "value": "ZAK in Appstation mode allows users to bypass the \"Run only allowed apps\" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "19990107 WinNT, ZAK and Office 97", "name": "181",
"refsource" : "NTBUGTRAQ", "refsource": "BID",
"url" : "http://marc.info/?l=ntbugtraq&m=91576100022688&w=2" "url": "http://www.securityfocus.com/bid/181"
}, },
{ {
"name" : "19990109 WinNT, ZAK and Office 97", "name": "19990107 WinNT, ZAK and Office 97",
"refsource" : "NTBUGTRAQ", "refsource": "NTBUGTRAQ",
"url" : "http://marc.info/?l=ntbugtraq&m=91606260910008&w=2" "url": "http://marc.info/?l=ntbugtraq&m=91576100022688&w=2"
}, },
{ {
"name" : "181", "name": "19990109 WinNT, ZAK and Office 97",
"refsource" : "BID", "refsource": "NTBUGTRAQ",
"url" : "http://www.securityfocus.com/bid/181" "url": "http://marc.info/?l=ntbugtraq&m=91606260910008&w=2"
} }
] ]
} }

68
2000/0xxx/CVE-2000-0300.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0300", "ID": "CVE-2000-0300",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts." "value": "The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20000405 PcAnywhere weak password encryption", "name": "1093",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000406030958.23902.qmail@securityfocus.com" "url": "http://www.securityfocus.com/bid/1093"
}, },
{ {
"name" : "1093", "name": "20000405 PcAnywhere weak password encryption",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/1093" "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000406030958.23902.qmail@securityfocus.com"
} }
] ]
} }

68
2000/0xxx/CVE-2000-0337.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0337", "ID": "CVE-2000-0337",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter." "value": "Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20000424 Solaris x86 Xsun overflow.", "name": "1140",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-04/0188.html" "url": "http://www.securityfocus.com/bid/1140"
}, },
{ {
"name" : "1140", "name": "20000424 Solaris x86 Xsun overflow.",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/1140" "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0188.html"
} }
] ]
} }

98
2000/0xxx/CVE-2000-0491.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0491", "ID": "CVE-2000-0491",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request." "value": "Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20000521 \"gdm\" remote hole", "name": "20000607 Conectiva Linux Security Announcement - gdm",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-05/0241.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0025.html"
}, },
{ {
"name" : "20000524 Security hole in gdm <= 2.0beta4-25", "name": "1279",
"refsource" : "SUSE", "refsource": "BID",
"url" : "http://www.novell.com/linux/security/advisories/suse_security_announce_49.html" "url": "http://www.securityfocus.com/bid/1279"
}, },
{ {
"name" : "20000607 Conectiva Linux Security Announcement - gdm", "name": "1370",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-06/0025.html" "url": "http://www.securityfocus.com/bid/1370"
}, },
{ {
"name" : "CSSA-2000-013.0", "name": "1233",
"refsource" : "CALDERA", "refsource": "BID",
"url" : "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-013.0.txt" "url": "http://www.securityfocus.com/bid/1233"
}, },
{ {
"name" : "1233", "name": "20000524 Security hole in gdm <= 2.0beta4-25",
"refsource" : "BID", "refsource": "SUSE",
"url" : "http://www.securityfocus.com/bid/1233" "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_49.html"
}, },
{ {
"name" : "1279", "name": "CSSA-2000-013.0",
"refsource" : "BID", "refsource": "CALDERA",
"url" : "http://www.securityfocus.com/bid/1279" "url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-013.0.txt"
}, },
{ {
"name" : "1370", "name": "20000521 \"gdm\" remote hole",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/1370" "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0241.html"
} }
] ]
} }

86
2000/0xxx/CVE-2000-0664.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0664", "ID": "CVE-2000-0664",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack that uses the %2E URL encoding for the dots." "value": "AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack that uses the %2E URL encoding for the dots."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20000726 AnalogX \"SimpleServer:WWW\" dot dot bug", "name": "http://www.analogx.com/contents/download/network/sswww.htm",
"refsource" : "BUGTRAQ", "refsource": "CONFIRM",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-07/0374.html" "url": "http://www.analogx.com/contents/download/network/sswww.htm"
}, },
{ {
"name" : "http://www.analogx.com/contents/download/network/sswww.htm", "name": "20000726 AnalogX \"SimpleServer:WWW\" dot dot bug",
"refsource" : "CONFIRM", "refsource": "BUGTRAQ",
"url" : "http://www.analogx.com/contents/download/network/sswww.htm" "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0374.html"
}, },
{ {
"name" : "1508", "name": "1508",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/1508" "url": "http://www.securityfocus.com/bid/1508"
}, },
{ {
"name" : "analogx-simpleserver-directory-path(4999)", "name": "analogx-simpleserver-directory-path(4999)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4999" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4999"
}, },
{ {
"name" : "388", "name": "388",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/388" "url": "http://www.osvdb.org/388"
} }
] ]
} }

68
2000/0xxx/CVE-2000-0768.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0768", "ID": "CVE-2000-0768",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the \"Frame Domain Verification\" vulnerability." "value": "A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the \"Frame Domain Verification\" vulnerability."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS00-055", "name": "1564",
"refsource" : "MS", "refsource": "BID",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-055" "url": "http://www.securityfocus.com/bid/1564"
}, },
{ {
"name" : "1564", "name": "MS00-055",
"refsource" : "BID", "refsource": "MS",
"url" : "http://www.securityfocus.com/bid/1564" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-055"
} }
] ]
} }

74
2000/0xxx/CVE-2000-0790.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0790", "ID": "CVE-2000-0790",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option for the first file that is listed in the folder." "value": "The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option for the first file that is listed in the folder."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20000828 IE 5.5/5.x for Win98 may execute arbitrary files that can be accessed thru Microsoft Networking. Also local Administrator compromise at least on default Windows 2000.", "name": "ie-folder-remote-exe(5097)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=3998370D.732A03F1@nat.bg" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5097"
}, },
{ {
"name" : "1571", "name": "1571",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/1571" "url": "http://www.securityfocus.com/bid/1571"
}, },
{ {
"name" : "ie-folder-remote-exe(5097)", "name": "20000828 IE 5.5/5.x for Win98 may execute arbitrary files that can be accessed thru Microsoft Networking. Also local Administrator compromise at least on default Windows 2000.",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5097" "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=3998370D.732A03F1@nat.bg"
} }
] ]
} }

404
2007/0xxx/CVE-2007-0981.json
View File

@ -1,346 +1,346 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0981", "ID": "CVE-2007-0981",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code." "value": "Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the hostname (location.hostname) DOM property, due to interactions with DNS resolver code."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070226 rPSA-2007-0040-1 firefox", "name": "RHSA-2007:0078",
"refsource" : "BUGTRAQ", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/archive/1/461336/100/0/threaded" "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
}, },
{ {
"name" : "20070303 rPSA-2007-0040-3 firefox thunderbird", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=370445",
"refsource" : "BUGTRAQ", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/archive/1/461809/100/0/threaded" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=370445"
}, },
{ {
"name" : "20070214 Firefox: serious cookie stealing / same-domain bypass vulnerability", "name": "24395",
"refsource" : "BUGTRAQ", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/archive/1/460126/100/200/threaded" "url": "http://secunia.com/advisories/24395"
}, },
{ {
"name" : "20070215 Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability", "name": "32104",
"refsource" : "BUGTRAQ", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/archive/1/460217/100/0/threaded" "url": "http://www.osvdb.org/32104"
}, },
{ {
"name" : "http://lcamtuf.dione.cc/ffhostname.html", "name": "20070226 rPSA-2007-0040-1 firefox",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://lcamtuf.dione.cc/ffhostname.html" "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=370445", "name": "24328",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=370445" "url": "http://secunia.com/advisories/24328"
}, },
{ {
"name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-07.html", "name": "RHSA-2007:0108",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-07.html" "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
}, },
{ {
"name" : "https://issues.rpath.com/browse/RPL-1081", "name": "GLSA-200703-04",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "https://issues.rpath.com/browse/RPL-1081" "url": "http://security.gentoo.org/glsa/glsa-200703-04.xml"
}, },
{ {
"name" : "https://issues.rpath.com/browse/RPL-1103", "name": "20070214 Firefox: serious cookie stealing / same-domain bypass vulnerability",
"refsource" : "CONFIRM", "refsource": "BUGTRAQ",
"url" : "https://issues.rpath.com/browse/RPL-1103" "url": "http://www.securityfocus.com/archive/1/460126/100/200/threaded"
}, },
{ {
"name" : "DSA-1336", "name": "GLSA-200703-08",
"refsource" : "DEBIAN", "refsource": "GENTOO",
"url" : "http://www.debian.org/security/2007/dsa-1336" "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml"
}, },
{ {
"name" : "FEDORA-2007-281", "name": "20070215 Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability",
"refsource" : "FEDORA", "refsource": "BUGTRAQ",
"url" : "http://fedoranews.org/cms/node/2713" "url": "http://www.securityfocus.com/archive/1/460217/100/0/threaded"
}, },
{ {
"name" : "FEDORA-2007-293", "name": "SSA:2007-066-03",
"refsource" : "FEDORA", "refsource": "SLACKWARE",
"url" : "http://fedoranews.org/cms/node/2728" "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851"
}, },
{ {
"name" : "GLSA-200703-04", "name": "24384",
"refsource" : "GENTOO", "refsource": "SECUNIA",
"url" : "http://security.gentoo.org/glsa/glsa-200703-04.xml" "url": "http://secunia.com/advisories/24384"
}, },
{ {
"name" : "GLSA-200703-08", "name": "firefox-locationhostname-security-bypass(32533)",
"refsource" : "GENTOO", "refsource": "XF",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32533"
}, },
{ {
"name" : "HPSBUX02153", "name": "24457",
"refsource" : "HP", "refsource": "SECUNIA",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" "url": "http://secunia.com/advisories/24457"
}, },
{ {
"name" : "SSRT061181", "name": "24343",
"refsource" : "HP", "refsource": "SECUNIA",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" "url": "http://secunia.com/advisories/24343"
}, },
{ {
"name" : "MDKSA-2007:050", "name": "DSA-1336",
"refsource" : "MANDRIVA", "refsource": "DEBIAN",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050" "url": "http://www.debian.org/security/2007/dsa-1336"
}, },
{ {
"name" : "RHSA-2007:0079", "name": "HPSBUX02153",
"refsource" : "REDHAT", "refsource": "HP",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0079.html" "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
}, },
{ {
"name" : "RHSA-2007:0077", "name": "oval:org.mitre.oval:def:9730",
"refsource" : "REDHAT", "refsource": "OVAL",
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0077.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9730"
}, },
{ {
"name" : "RHSA-2007:0078", "name": "ADV-2007-0718",
"refsource" : "REDHAT", "refsource": "VUPEN",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0078.html" "url": "http://www.vupen.com/english/advisories/2007/0718"
}, },
{ {
"name" : "RHSA-2007:0097", "name": "VU#885753",
"refsource" : "REDHAT", "refsource": "CERT-VN",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0097.html" "url": "http://www.kb.cert.org/vuls/id/885753"
}, },
{ {
"name" : "RHSA-2007:0108", "name": "24650",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0108.html" "url": "http://secunia.com/advisories/24650"
}, },
{ {
"name" : "20070301-01-P", "name": "USN-428-1",
"refsource" : "SGI", "refsource": "UBUNTU",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc" "url": "http://www.ubuntu.com/usn/usn-428-1"
}, },
{ {
"name" : "20070202-01-P", "name": "2262",
"refsource" : "SGI", "refsource": "SREASON",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc" "url": "http://securityreason.com/securityalert/2262"
}, },
{ {
"name" : "SSA:2007-066-03", "name": "24320",
"refsource" : "SLACKWARE", "refsource": "SECUNIA",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851" "url": "http://secunia.com/advisories/24320"
}, },
{ {
"name" : "SSA:2007-066-05", "name": "25588",
"refsource" : "SLACKWARE", "refsource": "SECUNIA",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131" "url": "http://secunia.com/advisories/25588"
}, },
{ {
"name" : "SUSE-SA:2007:019", "name": "https://issues.rpath.com/browse/RPL-1103",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html" "url": "https://issues.rpath.com/browse/RPL-1103"
}, },
{ {
"name" : "SUSE-SA:2007:022", "name": "SUSE-SA:2007:019",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html" "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
}, },
{ {
"name" : "USN-428-1", "name": "ADV-2008-0083",
"refsource" : "UBUNTU", "refsource": "VUPEN",
"url" : "http://www.ubuntu.com/usn/usn-428-1" "url": "http://www.vupen.com/english/advisories/2008/0083"
}, },
{ {
"name" : "VU#885753", "name": "20070303 rPSA-2007-0040-3 firefox thunderbird",
"refsource" : "CERT-VN", "refsource": "BUGTRAQ",
"url" : "http://www.kb.cert.org/vuls/id/885753" "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
}, },
{ {
"name" : "22566", "name": "SUSE-SA:2007:022",
"refsource" : "BID", "refsource": "SUSE",
"url" : "http://www.securityfocus.com/bid/22566" "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:9730", "name": "24293",
"refsource" : "OVAL", "refsource": "SECUNIA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9730" "url": "http://secunia.com/advisories/24293"
}, },
{ {
"name" : "ADV-2007-0624", "name": "24238",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2007/0624" "url": "http://secunia.com/advisories/24238"
}, },
{ {
"name" : "ADV-2007-0718", "name": "24393",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2007/0718" "url": "http://secunia.com/advisories/24393"
}, },
{ {
"name" : "ADV-2008-0083", "name": "24342",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2008/0083" "url": "http://secunia.com/advisories/24342"
}, },
{ {
"name" : "32104", "name": "24287",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://www.osvdb.org/32104" "url": "http://secunia.com/advisories/24287"
}, },
{ {
"name" : "1017654", "name": "SSRT061181",
"refsource" : "SECTRACK", "refsource": "HP",
"url" : "http://securitytracker.com/id?1017654" "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
}, },
{ {
"name" : "24175", "name": "FEDORA-2007-281",
"refsource" : "SECUNIA", "refsource": "FEDORA",
"url" : "http://secunia.com/advisories/24175" "url": "http://fedoranews.org/cms/node/2713"
}, },
{ {
"name" : "24238", "name": "24175",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/24238" "url": "http://secunia.com/advisories/24175"
}, },
{ {
"name" : "24287", "name": "22566",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/24287" "url": "http://www.securityfocus.com/bid/22566"
}, },
{ {
"name" : "24290", "name": "RHSA-2007:0097",
"refsource" : "SECUNIA", "refsource": "REDHAT",
"url" : "http://secunia.com/advisories/24290" "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
}, },
{ {
"name" : "24205", "name": "FEDORA-2007-293",
"refsource" : "SECUNIA", "refsource": "FEDORA",
"url" : "http://secunia.com/advisories/24205" "url": "http://fedoranews.org/cms/node/2728"
}, },
{ {
"name" : "24328", "name": "20070301-01-P",
"refsource" : "SECUNIA", "refsource": "SGI",
"url" : "http://secunia.com/advisories/24328" "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"
}, },
{ {
"name" : "24333", "name": "24205",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/24333" "url": "http://secunia.com/advisories/24205"
}, },
{ {
"name" : "24343", "name": "https://issues.rpath.com/browse/RPL-1081",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/24343" "url": "https://issues.rpath.com/browse/RPL-1081"
}, },
{ {
"name" : "24320", "name": "24333",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/24320" "url": "http://secunia.com/advisories/24333"
}, },
{ {
"name" : "24293", "name": "MDKSA-2007:050",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/24293" "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
}, },
{ {
"name" : "24393", "name": "24290",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/24393" "url": "http://secunia.com/advisories/24290"
}, },
{ {
"name" : "24395", "name": "1017654",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/24395" "url": "http://securitytracker.com/id?1017654"
}, },
{ {
"name" : "24384", "name": "24455",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/24384" "url": "http://secunia.com/advisories/24455"
}, },
{ {
"name" : "24437", "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-07.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/24437" "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-07.html"
}, },
{ {
"name" : "24650", "name": "RHSA-2007:0077",
"refsource" : "SECUNIA", "refsource": "REDHAT",
"url" : "http://secunia.com/advisories/24650" "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
}, },
{ {
"name" : "24455", "name": "20070202-01-P",
"refsource" : "SECUNIA", "refsource": "SGI",
"url" : "http://secunia.com/advisories/24455" "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"
}, },
{ {
"name" : "24457", "name": "ADV-2007-0624",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/24457" "url": "http://www.vupen.com/english/advisories/2007/0624"
}, },
{ {
"name" : "24342", "name": "SSA:2007-066-05",
"refsource" : "SECUNIA", "refsource": "SLACKWARE",
"url" : "http://secunia.com/advisories/24342" "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131"
}, },
{ {
"name" : "25588", "name": "RHSA-2007:0079",
"refsource" : "SECUNIA", "refsource": "REDHAT",
"url" : "http://secunia.com/advisories/25588" "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
}, },
{ {
"name" : "2262", "name": "http://lcamtuf.dione.cc/ffhostname.html",
"refsource" : "SREASON", "refsource": "MISC",
"url" : "http://securityreason.com/securityalert/2262" "url": "http://lcamtuf.dione.cc/ffhostname.html"
}, },
{ {
"name" : "firefox-locationhostname-security-bypass(32533)", "name": "24437",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32533" "url": "http://secunia.com/advisories/24437"
} }
] ]
} }

110
2007/1xxx/CVE-2007-1265.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1265", "ID": "CVE-2007-1265",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "KMail 1.9.5 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents KMail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection." "value": "KMail 1.9.5 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents KMail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability ", "name": "[gnupg-users] 20070306 [Announce] Multiple Messages Problem in GnuPG and GPGME",
"refsource" : "BUGTRAQ", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/archive/1/461958/100/0/threaded" "url": "http://lists.gnupg.org/pipermail/gnupg-users/2007-March/030514.html"
}, },
{ {
"name" : "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability", "name": "2353",
"refsource" : "BUGTRAQ", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/archive/1/461958/30/7710/threaded" "url": "http://securityreason.com/securityalert/2353"
}, },
{ {
"name" : "[gnupg-users] 20070306 [Announce] Multiple Messages Problem in GnuPG and GPGME", "name": "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability",
"refsource" : "MLIST", "refsource": "BUGTRAQ",
"url" : "http://lists.gnupg.org/pipermail/gnupg-users/2007-March/030514.html" "url": "http://www.securityfocus.com/archive/1/461958/30/7710/threaded"
}, },
{ {
"name" : "http://www.coresecurity.com/?action=item&id=1687", "name": "http://www.coresecurity.com/?action=item&id=1687",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.coresecurity.com/?action=item&id=1687" "url": "http://www.coresecurity.com/?action=item&id=1687"
}, },
{ {
"name" : "22759", "refsource": "BUGTRAQ",
"refsource" : "BID", "name": "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability",
"url" : "http://www.securityfocus.com/bid/22759" "url": "http://www.securityfocus.com/archive/1/461958/100/0/threaded"
}, },
{ {
"name" : "ADV-2007-0835", "name": "24413",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2007/0835" "url": "http://secunia.com/advisories/24413"
}, },
{ {
"name" : "1017727", "name": "22759",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id?1017727" "url": "http://www.securityfocus.com/bid/22759"
}, },
{ {
"name" : "24413", "name": "1017727",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/24413" "url": "http://www.securitytracker.com/id?1017727"
}, },
{ {
"name" : "2353", "name": "ADV-2007-0835",
"refsource" : "SREASON", "refsource": "VUPEN",
"url" : "http://securityreason.com/securityalert/2353" "url": "http://www.vupen.com/english/advisories/2007/0835"
} }
] ]
} }

86
2007/1xxx/CVE-2007-1742.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2007-1742", "ID": "CVE-2007-1742",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using \"html_backup\" and \"htmleditor\" under an \"html\" directory. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because \"the attacks described rely on an insecure server configuration\" in which the user \"has write access to the document root.\"" "value": "suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using \"html_backup\" and \"htmleditor\" under an \"html\" directory. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because \"the attacks described rely on an insecure server configuration\" in which the user \"has write access to the document root.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070411 Apache HTTPD suEXEC Multiple Vulnerabilities", "name": "20070411 Apache HTTPD suEXEC Multiple Vulnerabilities",
"refsource" : "IDEFENSE", "refsource": "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511" "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511"
}, },
{ {
"name" : "[apache-http-dev] 20070328 [Fwd: iDefense Final Notice [IDEF1445]]", "name": "38640",
"refsource" : "MLIST", "refsource": "OSVDB",
"url" : "http://marc.info/?l=apache-httpd-dev&m=117511568709063&w=2" "url": "http://osvdb.org/38640"
}, },
{ {
"name" : "[apache-http-dev] 20070328 Re: [Fwd: iDefense Final Notice [IDEF1445]]", "name": "[apache-http-dev] 20070328 Re: [Fwd: iDefense Final Notice [IDEF1445]]",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://marc.info/?l=apache-httpd-dev&m=117511834512138&w=2" "url": "http://marc.info/?l=apache-httpd-dev&m=117511834512138&w=2"
}, },
{ {
"name" : "38640", "name": "1017904",
"refsource" : "OSVDB", "refsource": "SECTRACK",
"url" : "http://osvdb.org/38640" "url": "http://www.securitytracker.com/id?1017904"
}, },
{ {
"name" : "1017904", "name": "[apache-http-dev] 20070328 [Fwd: iDefense Final Notice [IDEF1445]]",
"refsource" : "SECTRACK", "refsource": "MLIST",
"url" : "http://www.securitytracker.com/id?1017904" "url": "http://marc.info/?l=apache-httpd-dev&m=117511568709063&w=2"
} }
] ]
} }

98
2007/1xxx/CVE-2007-1812.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1812", "ID": "CVE-2007-1812",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PHP remote file inclusion vulnerability in utilitaires/gestion_sondage.php in BT-Sondage 112 allows remote attackers to execute arbitrary PHP code via a URL in the repertoire_visiteur parameter." "value": "PHP remote file inclusion vulnerability in utilitaires/gestion_sondage.php in BT-Sondage 112 allows remote attackers to execute arbitrary PHP code via a URL in the repertoire_visiteur parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "3624", "name": "23248",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/3624" "url": "http://www.securityfocus.com/bid/23248"
}, },
{ {
"name" : "20070402 [true] BT-Sondage-v112 RFI", "name": "20070402 [true] BT-Sondage-v112 RFI",
"refsource" : "VIM", "refsource": "VIM",
"url" : "http://www.attrition.org/pipermail/vim/2007-April/001483.html" "url": "http://www.attrition.org/pipermail/vim/2007-April/001483.html"
}, },
{ {
"name" : "23248", "name": "24701",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/23248" "url": "http://secunia.com/advisories/24701"
}, },
{ {
"name" : "ADV-2007-1183", "name": "btsondage-gestionsondage-file-include(33363)",
"refsource" : "VUPEN", "refsource": "XF",
"url" : "http://www.vupen.com/english/advisories/2007/1183" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33363"
}, },
{ {
"name" : "34597", "name": "ADV-2007-1183",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://osvdb.org/34597" "url": "http://www.vupen.com/english/advisories/2007/1183"
}, },
{ {
"name" : "24701", "name": "34597",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/24701" "url": "http://osvdb.org/34597"
}, },
{ {
"name" : "btsondage-gestionsondage-file-include(33363)", "name": "3624",
"refsource" : "XF", "refsource": "EXPLOIT-DB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33363" "url": "https://www.exploit-db.com/exploits/3624"
} }
] ]
} }

110
2007/1xxx/CVE-2007-1876.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1876", "ID": "CVE-2007-1876",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "VMware Workstation before 5.5.4, when running a 64-bit Windows guest on a 64-bit host, allows local users to \"corrupt the virtual machine's register context\" by debugging a local program and stepping into a \"syscall instruction.\"" "value": "VMware Workstation before 5.5.4, when running a 64-bit Windows guest on a 64-bit host, allows local users to \"corrupt the virtual machine's register context\" by debugging a local program and stepping into a \"syscall instruction.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070507 VMSA-2007-0004 Multiple Denial-of-Service issues fixed", "name": "vmware-windebugging-unspecified(33993)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/467936/30/6690/threaded" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33993"
}, },
{ {
"name" : "20070518 VMSA-2007-0004.1 Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability", "name": "23732",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/469011/30/6510/threaded" "url": "http://www.securityfocus.com/bid/23732"
}, },
{ {
"name" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554", "name": "ADV-2007-1592",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554" "url": "http://www.vupen.com/english/advisories/2007/1592"
}, },
{ {
"name" : "23732", "name": "35509",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/23732" "url": "http://osvdb.org/35509"
}, },
{ {
"name" : "ADV-2007-1592", "name": "20070518 VMSA-2007-0004.1 Updated: Multiple Denial-of-Service issues fixed and directory traversal vulnerability",
"refsource" : "VUPEN", "refsource": "BUGTRAQ",
"url" : "http://www.vupen.com/english/advisories/2007/1592" "url": "http://www.securityfocus.com/archive/1/469011/30/6510/threaded"
}, },
{ {
"name" : "35509", "name": "25079",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://osvdb.org/35509" "url": "http://secunia.com/advisories/25079"
}, },
{ {
"name" : "1018011", "name": "1018011",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018011" "url": "http://www.securitytracker.com/id?1018011"
}, },
{ {
"name" : "25079", "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/25079" "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html#554"
}, },
{ {
"name" : "vmware-windebugging-unspecified(33993)", "name": "20070507 VMSA-2007-0004 Multiple Denial-of-Service issues fixed",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33993" "url": "http://www.securityfocus.com/archive/1/467936/30/6690/threaded"
} }
] ]
} }

110
2007/5xxx/CVE-2007-5528.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5528", "ID": "CVE-2007-5528",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.2 have unknown impact and attack vectors related to (1) Public Sector Human Resources (APP03) and (2) Quoting component (APP06)." "value": "Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.2 have unknown impact and attack vectors related to (1) Public Sector Human Resources (APP03) and (2) Quoting component (APP06)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html"
}, },
{ {
"name" : "HPSBMA02133", "name": "ADV-2007-3524",
"refsource" : "HP", "refsource": "VUPEN",
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" "url": "http://www.vupen.com/english/advisories/2007/3524"
}, },
{ {
"name" : "SSRT061201", "name": "ADV-2007-3626",
"refsource" : "HP", "refsource": "VUPEN",
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" "url": "http://www.vupen.com/english/advisories/2007/3626"
}, },
{ {
"name" : "TA07-290A", "name": "TA07-290A",
"refsource" : "CERT", "refsource": "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" "url": "http://www.us-cert.gov/cas/techalerts/TA07-290A.html"
}, },
{ {
"name" : "ADV-2007-3524", "name": "SSRT061201",
"refsource" : "VUPEN", "refsource": "HP",
"url" : "http://www.vupen.com/english/advisories/2007/3524" "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
}, },
{ {
"name" : "ADV-2007-3626", "name": "HPSBMA02133",
"refsource" : "VUPEN", "refsource": "HP",
"url" : "http://www.vupen.com/english/advisories/2007/3626" "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
}, },
{ {
"name" : "1018823", "name": "1018823",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018823" "url": "http://www.securitytracker.com/id?1018823"
}, },
{ {
"name" : "27251", "name": "27409",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/27251" "url": "http://secunia.com/advisories/27409"
}, },
{ {
"name" : "27409", "name": "27251",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/27409" "url": "http://secunia.com/advisories/27251"
} }
] ]
} }

104
2007/5xxx/CVE-2007-5536.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5536", "ID": "CVE-2007-5536",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors." "value": "Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "HPSBUX02277", "name": "26093",
"refsource" : "HP", "refsource": "BID",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01203958" "url": "http://www.securityfocus.com/bid/26093"
}, },
{ {
"name" : "SSRT071453", "name": "HPSBUX02277",
"refsource" : "HP", "refsource": "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01203958" "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01203958"
}, },
{ {
"name" : "26093", "name": "hpux-openssl-dos(37231)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/26093" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37231"
}, },
{ {
"name" : "oval:org.mitre.oval:def:5871", "name": "ADV-2007-3526",
"refsource" : "OVAL", "refsource": "VUPEN",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5871" "url": "http://www.vupen.com/english/advisories/2007/3526"
}, },
{ {
"name" : "ADV-2007-3526", "name": "27265",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2007/3526" "url": "http://secunia.com/advisories/27265"
}, },
{ {
"name" : "37894", "name": "37894",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/37894" "url": "http://osvdb.org/37894"
}, },
{ {
"name" : "27265", "name": "oval:org.mitre.oval:def:5871",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/27265" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5871"
}, },
{ {
"name" : "hpux-openssl-dos(37231)", "name": "SSRT071453",
"refsource" : "XF", "refsource": "HP",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37231" "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01203958"
} }
] ]
} }

22
2007/5xxx/CVE-2007-5662.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5662", "ID": "CVE-2007-5662",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

80
2007/5xxx/CVE-2007-5735.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5735", "ID": "CVE-2007-5735",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "eFileMan 7.1.0.87-88 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain unspecified user information via a direct request for cgi-bin/efileman/efileman_config.pm." "value": "eFileMan 7.1.0.87-88 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain unspecified user information via a direct request for cgi-bin/efileman/efileman_config.pm."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20071023 [Vulz] eFileMan 7.x Multiple Vulnerabilities by Xcross87", "name": "20071023 [Vulz] eFileMan 7.x Multiple Vulnerabilities by Xcross87",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/482683/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/482683/100/0/threaded"
}, },
{ {
"name" : "26184", "name": "26184",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/26184" "url": "http://www.securityfocus.com/bid/26184"
}, },
{ {
"name" : "39012", "name": "39012",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/39012" "url": "http://osvdb.org/39012"
}, },
{ {
"name" : "3323", "name": "3323",
"refsource" : "SREASON", "refsource": "SREASON",
"url" : "http://securityreason.com/securityalert/3323" "url": "http://securityreason.com/securityalert/3323"
} }
] ]
} }

86
2007/5xxx/CVE-2007-5948.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5948", "ID": "CVE-2007-5948",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in main.php in SF-Shoutbox 1.2.1 through 1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) nick (aka Name) and (2) shout (aka Shout) parameters." "value": "Multiple cross-site scripting (XSS) vulnerabilities in main.php in SF-Shoutbox 1.2.1 through 1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) nick (aka Name) and (2) shout (aka Shout) parameters."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.smash-the-stack.net/articles/SF-Shoutbox_Injection_Advisory.txt", "name": "http://www.smash-the-stack.net/articles/SF-Shoutbox_Injection_Advisory.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.smash-the-stack.net/articles/SF-Shoutbox_Injection_Advisory.txt" "url": "http://www.smash-the-stack.net/articles/SF-Shoutbox_Injection_Advisory.txt"
}, },
{ {
"name" : "26320", "name": "27487",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/26320" "url": "http://secunia.com/advisories/27487"
}, },
{ {
"name" : "ADV-2007-3722", "name": "26320",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2007/3722" "url": "http://www.securityfocus.com/bid/26320"
}, },
{ {
"name" : "38401", "name": "ADV-2007-3722",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://osvdb.org/38401" "url": "http://www.vupen.com/english/advisories/2007/3722"
}, },
{ {
"name" : "27487", "name": "38401",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/27487" "url": "http://osvdb.org/38401"
} }
] ]
} }

104
2015/3xxx/CVE-2015-3102.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-3102", "ID": "CVE-2015-3102",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-3098 and CVE-2015-3099." "value": "Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-3098 and CVE-2015-3099."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html", "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html" "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html"
}, },
{ {
"name" : "GLSA-201506-01", "name": "75080",
"refsource" : "GENTOO", "refsource": "BID",
"url" : "https://security.gentoo.org/glsa/201506-01" "url": "http://www.securityfocus.com/bid/75080"
}, },
{ {
"name" : "RHSA-2015:1086", "name": "1032519",
"refsource" : "REDHAT", "refsource": "SECTRACK",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1086.html" "url": "http://www.securitytracker.com/id/1032519"
}, },
{ {
"name" : "SUSE-SU-2015:1043", "name": "openSUSE-SU-2015:1047",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html"
}, },
{ {
"name" : "openSUSE-SU-2015:1047", "name": "GLSA-201506-01",
"refsource" : "SUSE", "refsource": "GENTOO",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html" "url": "https://security.gentoo.org/glsa/201506-01"
}, },
{ {
"name" : "openSUSE-SU-2015:1061", "name": "SUSE-SU-2015:1043",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html"
}, },
{ {
"name" : "75080", "name": "openSUSE-SU-2015:1061",
"refsource" : "BID", "refsource": "SUSE",
"url" : "http://www.securityfocus.com/bid/75080" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html"
}, },
{ {
"name" : "1032519", "name": "RHSA-2015:1086",
"refsource" : "SECTRACK", "refsource": "REDHAT",
"url" : "http://www.securitytracker.com/id/1032519" "url": "http://rhn.redhat.com/errata/RHSA-2015-1086.html"
} }
] ]
} }

22
2015/3xxx/CVE-2015-3592.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3592", "ID": "CVE-2015-3592",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

104
2015/3xxx/CVE-2015-3739.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-3739", "ID": "CVE-2015-3739",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3." "value": "WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/kb/HT205030", "name": "https://support.apple.com/HT205221",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/kb/HT205030" "url": "https://support.apple.com/HT205221"
}, },
{ {
"name" : "https://support.apple.com/kb/HT205033", "name": "1033274",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://support.apple.com/kb/HT205033" "url": "http://www.securitytracker.com/id/1033274"
}, },
{ {
"name" : "https://support.apple.com/HT205221", "name": "https://support.apple.com/kb/HT205030",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT205221" "url": "https://support.apple.com/kb/HT205030"
}, },
{ {
"name" : "APPLE-SA-2015-08-13-1", "name": "APPLE-SA-2015-09-16-3",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html" "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html"
}, },
{ {
"name" : "APPLE-SA-2015-08-13-3", "name": "APPLE-SA-2015-08-13-3",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html"
}, },
{ {
"name" : "APPLE-SA-2015-09-16-3", "name": "76338",
"refsource" : "APPLE", "refsource": "BID",
"url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html" "url": "http://www.securityfocus.com/bid/76338"
}, },
{ {
"name" : "76338", "name": "APPLE-SA-2015-08-13-1",
"refsource" : "BID", "refsource": "APPLE",
"url" : "http://www.securityfocus.com/bid/76338" "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html"
}, },
{ {
"name" : "1033274", "name": "https://support.apple.com/kb/HT205033",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1033274" "url": "https://support.apple.com/kb/HT205033"
} }
] ]
} }

170
2015/7xxx/CVE-2015-7188.json
View File

@ -1,151 +1,151 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2015-7188", "ID": "CVE-2015-7188",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string." "value": "Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-122.html", "name": "1034069",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-122.html" "url": "http://www.securitytracker.com/id/1034069"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1199430", "name": "DSA-3410",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1199430" "url": "http://www.debian.org/security/2015/dsa-3410"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "name": "SUSE-SU-2015:2081",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "name": "GLSA-201512-10",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" "url": "https://security.gentoo.org/glsa/201512-10"
}, },
{ {
"name" : "DSA-3410", "name": "77411",
"refsource" : "DEBIAN", "refsource": "BID",
"url" : "http://www.debian.org/security/2015/dsa-3410" "url": "http://www.securityfocus.com/bid/77411"
}, },
{ {
"name" : "DSA-3393", "name": "SUSE-SU-2015:1981",
"refsource" : "DEBIAN", "refsource": "SUSE",
"url" : "http://www.debian.org/security/2015/dsa-3393" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html"
}, },
{ {
"name" : "GLSA-201512-10", "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-122.html",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201512-10" "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-122.html"
}, },
{ {
"name" : "RHSA-2015:1982", "name": "openSUSE-SU-2015:2229",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1982.html" "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html"
}, },
{ {
"name" : "openSUSE-SU-2015:2229", "name": "USN-2785-1",
"refsource" : "SUSE", "refsource": "UBUNTU",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html" "url": "http://www.ubuntu.com/usn/USN-2785-1"
}, },
{ {
"name" : "openSUSE-SU-2015:2245", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1199430",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1199430"
}, },
{ {
"name" : "SUSE-SU-2015:1926", "name": "SUSE-SU-2015:1926",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html"
}, },
{ {
"name" : "openSUSE-SU-2015:1942", "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html" "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
}, },
{ {
"name" : "SUSE-SU-2015:1978", "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html" "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
}, },
{ {
"name" : "SUSE-SU-2015:1981", "name": "RHSA-2015:1982",
"refsource" : "SUSE", "refsource": "REDHAT",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html" "url": "http://rhn.redhat.com/errata/RHSA-2015-1982.html"
}, },
{ {
"name" : "SUSE-SU-2015:2081", "name": "USN-2819-1",
"refsource" : "SUSE", "refsource": "UBUNTU",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html" "url": "http://www.ubuntu.com/usn/USN-2819-1"
}, },
{ {
"name" : "USN-2819-1", "name": "openSUSE-SU-2015:1942",
"refsource" : "UBUNTU", "refsource": "SUSE",
"url" : "http://www.ubuntu.com/usn/USN-2819-1" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html"
}, },
{ {
"name" : "USN-2785-1", "name": "DSA-3393",
"refsource" : "UBUNTU", "refsource": "DEBIAN",
"url" : "http://www.ubuntu.com/usn/USN-2785-1" "url": "http://www.debian.org/security/2015/dsa-3393"
}, },
{ {
"name" : "77411", "name": "openSUSE-SU-2015:2245",
"refsource" : "BID", "refsource": "SUSE",
"url" : "http://www.securityfocus.com/bid/77411" "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html"
}, },
{ {
"name" : "1034069", "name": "SUSE-SU-2015:1978",
"refsource" : "SECTRACK", "refsource": "SUSE",
"url" : "http://www.securitytracker.com/id/1034069" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html"
} }
] ]
} }

68
2015/7xxx/CVE-2015-7256.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2015-7256", "ID": "CVE-2015-7256",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys." "value": "ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml", "name": "VU#566724",
"refsource" : "CONFIRM", "refsource": "CERT-VN",
"url" : "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml" "url": "http://www.kb.cert.org/vuls/id/566724"
}, },
{ {
"name" : "VU#566724", "name": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml",
"refsource" : "CERT-VN", "refsource": "CONFIRM",
"url" : "http://www.kb.cert.org/vuls/id/566724" "url": "http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml"
} }
] ]
} }

68
2015/7xxx/CVE-2015-7304.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7304", "ID": "CVE-2015-7304",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the amoCRM module 7.x-1.x before 7.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP POST data." "value": "Cross-site scripting (XSS) vulnerability in the amoCRM module 7.x-1.x before 7.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP POST data."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.drupal.org/node/2569587", "name": "https://www.drupal.org/node/2569587",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.drupal.org/node/2569587" "url": "https://www.drupal.org/node/2569587"
}, },
{ {
"name" : "https://www.drupal.org/node/2569243", "name": "https://www.drupal.org/node/2569243",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.drupal.org/node/2569243" "url": "https://www.drupal.org/node/2569243"
} }
] ]
} }

62
2015/7xxx/CVE-2015-7396.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-7396", "ID": "CVE-2015-7396",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Scheduler in IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.1 FP1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.1 FP1 for SmartCloud Control Desk allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or modify data, via unspecified vectors." "value": "The Scheduler in IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.1 FP1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.1 FP1 for SmartCloud Control Desk allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or modify data, via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21970799", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21970799",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21970799" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970799"
} }
] ]
} }

22
2015/7xxx/CVE-2015-7947.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-7947", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2015-7947",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }

98
2015/8xxx/CVE-2015-8047.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-8047", "ID": "CVE-2015-8047",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455." "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", "name": "openSUSE-SU-2015:2239",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html"
}, },
{ {
"name" : "GLSA-201601-03", "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201601-03" "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
}, },
{ {
"name" : "SUSE-SU-2015:2236", "name": "SUSE-SU-2015:2236",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html"
}, },
{ {
"name" : "SUSE-SU-2015:2247", "name": "SUSE-SU-2015:2247",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html"
}, },
{ {
"name" : "openSUSE-SU-2015:2239", "name": "1034318",
"refsource" : "SUSE", "refsource": "SECTRACK",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" "url": "http://www.securitytracker.com/id/1034318"
}, },
{ {
"name" : "78710", "name": "GLSA-201601-03",
"refsource" : "BID", "refsource": "GENTOO",
"url" : "http://www.securityfocus.com/bid/78710" "url": "https://security.gentoo.org/glsa/201601-03"
}, },
{ {
"name" : "1034318", "name": "78710",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1034318" "url": "http://www.securityfocus.com/bid/78710"
} }
] ]
} }

86
2015/8xxx/CVE-2015-8082.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8082", "ID": "CVE-2015-8082",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Login Disable module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.2 for Drupal does not properly load the user_logout function, which allows remote attackers to bypass the logout protection mechanism by leveraging a contributed user authentication module, as demonstrated by the CAS and URL Login modules." "value": "The Login Disable module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.2 for Drupal does not properly load the user_logout function, which allows remote attackers to bypass the logout protection mechanism by leveraging a contributed user authentication module, as demonstrated by the CAS and URL Login modules."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.drupal.org/node/2608356", "name": "https://www.drupal.org/node/2303503",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://www.drupal.org/node/2608356" "url": "https://www.drupal.org/node/2303503"
}, },
{ {
"name" : "https://www.drupal.org/node/2303503", "name": "https://www.drupal.org/node/2608356",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://www.drupal.org/node/2303503" "url": "https://www.drupal.org/node/2608356"
}, },
{ {
"name" : "https://www.drupal.org/node/2571567", "name": "https://www.drupal.org/node/2587643",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.drupal.org/node/2571567" "url": "https://www.drupal.org/node/2587643"
}, },
{ {
"name" : "https://www.drupal.org/node/2587641", "name": "https://www.drupal.org/node/2571567",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.drupal.org/node/2587641" "url": "https://www.drupal.org/node/2571567"
}, },
{ {
"name" : "https://www.drupal.org/node/2587643", "name": "https://www.drupal.org/node/2587641",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.drupal.org/node/2587643" "url": "https://www.drupal.org/node/2587641"
} }
] ]
} }

22
2015/8xxx/CVE-2015-8367.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8367", "ID": "CVE-2015-8367",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

104
2015/8xxx/CVE-2015-8383.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8383", "ID": "CVE-2015-8383",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror." "value": "PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20151128 Re: Heap Overflow in PCRE", "name": "[oss-security] 20151128 Re: Heap Overflow in PCRE",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/11/29/1" "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1"
}, },
{ {
"name" : "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", "name": "RHSA-2016:1132",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" "url": "https://access.redhat.com/errata/RHSA-2016:1132"
}, },
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", "name": "RHSA-2016:2750",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
}, },
{ {
"name" : "https://bto.bluecoat.com/security-advisory/sa128", "name": "FEDORA-2015-eb896290d3",
"refsource" : "CONFIRM", "refsource": "FEDORA",
"url" : "https://bto.bluecoat.com/security-advisory/sa128" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html"
}, },
{ {
"name" : "FEDORA-2015-eb896290d3", "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731",
"refsource" : "FEDORA", "refsource": "CONFIRM",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html" "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
}, },
{ {
"name" : "GLSA-201607-02", "name": "https://bto.bluecoat.com/security-advisory/sa128",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201607-02" "url": "https://bto.bluecoat.com/security-advisory/sa128"
}, },
{ {
"name" : "RHSA-2016:1132", "name": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "https://access.redhat.com/errata/RHSA-2016:1132" "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup"
}, },
{ {
"name" : "RHSA-2016:2750", "name": "GLSA-201607-02",
"refsource" : "REDHAT", "refsource": "GENTOO",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html" "url": "https://security.gentoo.org/glsa/201607-02"
} }
] ]
} }

22
2015/8xxx/CVE-2015-8774.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8774", "ID": "CVE-2015-8774",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2016/0xxx/CVE-2016-0473.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0473", "ID": "CVE-2016-0473",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect integrity via unknown vectors related to Fluid Core." "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect integrity via unknown vectors related to Fluid Core."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
}, },
{ {
"name" : "1034720", "name": "1034720",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034720" "url": "http://www.securitytracker.com/id/1034720"
} }
] ]
} }

68
2016/0xxx/CVE-2016-0527.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0527", "ID": "CVE-2016-0527",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to User GUI, a different vulnerability than CVE-2016-0528, CVE-2016-0529, and CVE-2016-0530." "value": "Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to User GUI, a different vulnerability than CVE-2016-0528, CVE-2016-0529, and CVE-2016-0530."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
}, },
{ {
"name" : "1034726", "name": "1034726",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034726" "url": "http://www.securitytracker.com/id/1034726"
} }
] ]
} }

104
2016/0xxx/CVE-2016-0981.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-0981", "ID": "CVE-2016-0981",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0980." "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, and CVE-2016-0980."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "name": "SUSE-SU-2016:0400",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
}, },
{ {
"name" : "GLSA-201603-07", "name": "1034970",
"refsource" : "GENTOO", "refsource": "SECTRACK",
"url" : "https://security.gentoo.org/glsa/201603-07" "url": "http://www.securitytracker.com/id/1034970"
}, },
{ {
"name" : "RHSA-2016:0166", "name": "GLSA-201603-07",
"refsource" : "REDHAT", "refsource": "GENTOO",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0166.html" "url": "https://security.gentoo.org/glsa/201603-07"
}, },
{ {
"name" : "SUSE-SU-2016:0398", "name": "RHSA-2016:0166",
"refsource" : "SUSE", "refsource": "REDHAT",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html"
}, },
{ {
"name" : "SUSE-SU-2016:0400", "name": "openSUSE-SU-2016:0415",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
}, },
{ {
"name" : "openSUSE-SU-2016:0412", "name": "openSUSE-SU-2016:0412",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
}, },
{ {
"name" : "openSUSE-SU-2016:0415", "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
}, },
{ {
"name" : "1034970", "name": "SUSE-SU-2016:0398",
"refsource" : "SECTRACK", "refsource": "SUSE",
"url" : "http://www.securitytracker.com/id/1034970" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
} }
] ]
} }

80
2016/1xxx/CVE-2016-1058.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-1058", "ID": "CVE-2016-1058",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107." "value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-306", "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-306",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-306" "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-306"
}, },
{ {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", "name": "90512",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" "url": "http://www.securityfocus.com/bid/90512"
}, },
{ {
"name" : "90512", "name": "1035828",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/90512" "url": "http://www.securitytracker.com/id/1035828"
}, },
{ {
"name" : "1035828", "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1035828" "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
} }
] ]
} }

74
2016/1xxx/CVE-2016-1156.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-1156", "ID": "CVE-2016-1156",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X allows remote authenticated users to cause a denial of service (application crash) via a crafted post that is mishandled when displaying a Timeline." "value": "LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X allows remote authenticated users to cause a denial of service (application crash) via a crafted post that is mishandled when displaying a Timeline."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://linecorp.com/ja/security/article/53", "name": "http://linecorp.com/ja/security/article/53",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://linecorp.com/ja/security/article/53" "url": "http://linecorp.com/ja/security/article/53"
}, },
{ {
"name" : "JVN#46044093", "name": "JVNDB-2016-000029",
"refsource" : "JVN", "refsource": "JVNDB",
"url" : "http://jvn.jp/en/jp/JVN46044093/index.html" "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000029"
}, },
{ {
"name" : "JVNDB-2016-000029", "name": "JVN#46044093",
"refsource" : "JVNDB", "refsource": "JVN",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000029" "url": "http://jvn.jp/en/jp/JVN46044093/index.html"
} }
] ]
} }

62
2016/1xxx/CVE-2016-1324.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-1324", "ID": "CVE-2016-1324",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The REST interface in Cisco Spark 2015-06 allows remote attackers to cause a denial of service (resource outage) by accessing an administrative page, aka Bug ID CSCuv84125." "value": "The REST interface in Cisco Spark 2015-06 allows remote attackers to cause a denial of service (resource outage) by accessing an administrative page, aka Bug ID CSCuv84125."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20160210 Cisco Spark Representational State Transfer Interface Denial of Service Vulnerability", "name": "20160210 Cisco Spark Representational State Transfer Interface Denial of Service Vulnerability",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp3" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp3"
} }
] ]
} }

68
2016/1xxx/CVE-2016-1380.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-1380", "ID": "CVE-2016-1380",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cisco AsyncOS 8.0 before 8.0.6-119 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (proxy-process hang) via a crafted HTTP POST request, aka Bug ID CSCuo12171." "value": "Cisco AsyncOS 8.0 before 8.0.6-119 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (proxy-process hang) via a crafted HTTP POST request, aka Bug ID CSCuo12171."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20160518 Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability", "name": "1035908",
"refsource" : "CISCO", "refsource": "SECTRACK",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1" "url": "http://www.securitytracker.com/id/1035908"
}, },
{ {
"name" : "1035908", "name": "20160518 Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability",
"refsource" : "SECTRACK", "refsource": "CISCO",
"url" : "http://www.securitytracker.com/id/1035908" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa1"
} }
] ]
} }

22
2016/1xxx/CVE-2016-1539.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1539", "ID": "CVE-2016-1539",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

110
2016/1xxx/CVE-2016-1700.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-1700", "ID": "CVE-2016-1700",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "extensions/renderer/runtime_custom_bindings.cc in Google Chrome before 51.0.2704.79 does not consider side effects during creation of an array of extension views, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to extensions." "value": "extensions/renderer/runtime_custom_bindings.cc in Google Chrome before 51.0.2704.79 does not consider side effects during creation of an array of extension views, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to extensions."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html", "name": "http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html" "url": "http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html"
}, },
{ {
"name" : "https://codereview.chromium.org/1948773002", "name": "RHSA-2016:1201",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://codereview.chromium.org/1948773002" "url": "https://access.redhat.com/errata/RHSA-2016:1201"
}, },
{ {
"name" : "https://crbug.com/608104", "name": "1036026",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://crbug.com/608104" "url": "http://www.securitytracker.com/id/1036026"
}, },
{ {
"name" : "DSA-3594", "name": "openSUSE-SU-2016:1496",
"refsource" : "DEBIAN", "refsource": "SUSE",
"url" : "http://www.debian.org/security/2016/dsa-3594" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html"
}, },
{ {
"name" : "RHSA-2016:1201", "name": "DSA-3594",
"refsource" : "REDHAT", "refsource": "DEBIAN",
"url" : "https://access.redhat.com/errata/RHSA-2016:1201" "url": "http://www.debian.org/security/2016/dsa-3594"
}, },
{ {
"name" : "SUSE-SU-2016:1490", "name": "https://codereview.chromium.org/1948773002",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00004.html" "url": "https://codereview.chromium.org/1948773002"
}, },
{ {
"name" : "openSUSE-SU-2016:1489", "name": "SUSE-SU-2016:1490",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00003.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00004.html"
}, },
{ {
"name" : "openSUSE-SU-2016:1496", "name": "openSUSE-SU-2016:1489",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00003.html"
}, },
{ {
"name" : "1036026", "name": "https://crbug.com/608104",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1036026" "url": "https://crbug.com/608104"
} }
] ]
} }

92
2016/5xxx/CVE-2016-5009.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-5009", "ID": "CVE-2016-5009",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix." "value": "The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://tracker.ceph.com/issues/16297", "name": "http://tracker.ceph.com/issues/16297",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://tracker.ceph.com/issues/16297" "url": "http://tracker.ceph.com/issues/16297"
}, },
{ {
"name" : "https://github.com/ceph/ceph/commit/957ece7e95d8f8746191fd9629622d4457d690d6", "name": "RHSA-2016:1384",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://github.com/ceph/ceph/commit/957ece7e95d8f8746191fd9629622d4457d690d6" "url": "https://access.redhat.com/errata/RHSA-2016:1384"
}, },
{ {
"name" : "https://github.com/ceph/ceph/pull/9700", "name": "https://github.com/ceph/ceph/commit/957ece7e95d8f8746191fd9629622d4457d690d6",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/ceph/ceph/pull/9700" "url": "https://github.com/ceph/ceph/commit/957ece7e95d8f8746191fd9629622d4457d690d6"
}, },
{ {
"name" : "RHSA-2016:1384", "name": "RHSA-2016:1385",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:1384" "url": "https://access.redhat.com/errata/RHSA-2016:1385"
}, },
{ {
"name" : "RHSA-2016:1385", "name": "https://github.com/ceph/ceph/pull/9700",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "https://access.redhat.com/errata/RHSA-2016:1385" "url": "https://github.com/ceph/ceph/pull/9700"
}, },
{ {
"name" : "openSUSE-SU-2016:3201", "name": "openSUSE-SU-2016:3201",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-12/msg00126.html" "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00126.html"
} }
] ]
} }

22
2016/5xxx/CVE-2016-5866.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5866", "ID": "CVE-2016-5866",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

88
2016/5xxx/CVE-2016-5937.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-5937", "ID": "CVE-2016-5937",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Kenexa LCMS Premier on Cloud", "product_name": "Kenexa LCMS Premier on Cloud",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "" "version_value": ""
}, },
{ {
"version_value" : "9.0" "version_value": "9.0"
}, },
{ {
"version_value" : "9.1" "version_value": "9.1"
}, },
{ {
"version_value" : "9.2" "version_value": "9.2"
}, },
{ {
"version_value" : "9.2.1" "version_value": "9.2.1"
}, },
{ {
"version_value" : "9.3.0" "version_value": "9.3.0"
}, },
{ {
"version_value" : "9.4.0" "version_value": "9.4.0"
}, },
{ {
"version_value" : "9.5.0" "version_value": "9.5.0"
}, },
{ {
"version_value" : "10.0.0" "version_value": "10.0.0"
}, },
{ {
"version_value" : "10.1.0" "version_value": "10.1.0"
}, },
{ {
"version_value" : "10.2.0" "version_value": "10.2.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts." "value": "IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Gain Access" "value": "Gain Access"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21992067", "name": "http://www.ibm.com/support/docview.wss?uid=swg21992067",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21992067" "url": "http://www.ibm.com/support/docview.wss?uid=swg21992067"
}, },
{ {
"name" : "94390", "name": "94390",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/94390" "url": "http://www.securityfocus.com/bid/94390"
} }
] ]
} }

112
2018/2xxx/CVE-2018-2628.json
View File

@ -1,104 +1,104 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2628", "ID": "CVE-2018-2628",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "WebLogic Server", "product_name": "WebLogic Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "10.3.6.0" "version_value": "10.3.6.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.1.3.0" "version_value": "12.1.3.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.1.2" "version_value": "12.2.1.2"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.1.3" "version_value": "12.2.1.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)." "value": "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server." "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "44553", "name": "https://github.com/brianwrf/CVE-2018-2628",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "https://www.exploit-db.com/exploits/44553/" "url": "https://github.com/brianwrf/CVE-2018-2628"
}, },
{ {
"name" : "45193", "name": "44553",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/45193/" "url": "https://www.exploit-db.com/exploits/44553/"
}, },
{ {
"name" : "46513", "name": "103776",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/46513/" "url": "http://www.securityfocus.com/bid/103776"
}, },
{ {
"name" : "https://github.com/brianwrf/CVE-2018-2628", "name": "1040696",
"refsource" : "MISC", "refsource": "SECTRACK",
"url" : "https://github.com/brianwrf/CVE-2018-2628" "url": "http://www.securitytracker.com/id/1040696"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "name": "46513",
"refsource" : "CONFIRM", "refsource": "EXPLOIT-DB",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "url": "https://www.exploit-db.com/exploits/46513/"
}, },
{ {
"name" : "103776", "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/103776" "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
}, },
{ {
"name" : "1040696", "name": "45193",
"refsource" : "SECTRACK", "refsource": "EXPLOIT-DB",
"url" : "http://www.securitytracker.com/id/1040696" "url": "https://www.exploit-db.com/exploits/45193/"
} }
] ]
} }

100
2018/2xxx/CVE-2018-2839.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2839", "ID": "CVE-2018-2839",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.7.21 and prior" "version_value": "5.7.21 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "name": "1040698",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "url": "http://www.securitytracker.com/id/1040698"
}, },
{ {
"name" : "https://security.netapp.com/advisory/ntap-20180419-0002/", "name": "https://security.netapp.com/advisory/ntap-20180419-0002/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20180419-0002/" "url": "https://security.netapp.com/advisory/ntap-20180419-0002/"
}, },
{ {
"name" : "RHSA-2018:3655", "name": "103845",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "https://access.redhat.com/errata/RHSA-2018:3655" "url": "http://www.securityfocus.com/bid/103845"
}, },
{ {
"name" : "USN-3629-1", "name": "RHSA-2018:3655",
"refsource" : "UBUNTU", "refsource": "REDHAT",
"url" : "https://usn.ubuntu.com/3629-1/" "url": "https://access.redhat.com/errata/RHSA-2018:3655"
}, },
{ {
"name" : "USN-3629-3", "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "https://usn.ubuntu.com/3629-3/" "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
}, },
{ {
"name" : "103845", "name": "USN-3629-1",
"refsource" : "BID", "refsource": "UBUNTU",
"url" : "http://www.securityfocus.com/bid/103845" "url": "https://usn.ubuntu.com/3629-1/"
}, },
{ {
"name" : "1040698", "name": "USN-3629-3",
"refsource" : "SECTRACK", "refsource": "UBUNTU",
"url" : "http://www.securitytracker.com/id/1040698" "url": "https://usn.ubuntu.com/3629-3/"
} }
] ]
} }

22
2019/0xxx/CVE-2019-0356.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0356", "ID": "CVE-2019-0356",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/0xxx/CVE-2019-0370.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0370", "ID": "CVE-2019-0370",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/0xxx/CVE-2019-0406.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0406", "ID": "CVE-2019-0406",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/0xxx/CVE-2019-0768.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0768", "ID": "CVE-2019-0768",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/1000xxx/CVE-2019-1000049.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2019-1000049", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2019-1000049",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-8363. Reason: This candidate is a reservation duplicate of CVE-2019-8363. Notes: All CVE users should reference CVE-2019-8363 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-8363. Reason: This candidate is a reservation duplicate of CVE-2019-8363. Notes: All CVE users should reference CVE-2019-8363 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }

22
2019/1xxx/CVE-2019-1072.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1072", "ID": "CVE-2019-1072",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/1xxx/CVE-2019-1158.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1158", "ID": "CVE-2019-1158",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/1xxx/CVE-2019-1531.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1531", "ID": "CVE-2019-1531",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/4xxx/CVE-2019-4152.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4152", "ID": "CVE-2019-4152",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/4xxx/CVE-2019-4310.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4310", "ID": "CVE-2019-4310",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/4xxx/CVE-2019-4733.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4733", "ID": "CVE-2019-4733",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/4xxx/CVE-2019-4875.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4875", "ID": "CVE-2019-4875",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/5xxx/CVE-2019-5269.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5269", "ID": "CVE-2019-5269",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/5xxx/CVE-2019-5371.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5371", "ID": "CVE-2019-5371",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/5xxx/CVE-2019-5502.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5502", "ID": "CVE-2019-5502",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/5xxx/CVE-2019-5656.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5656", "ID": "CVE-2019-5656",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/8xxx/CVE-2019-8450.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8450", "ID": "CVE-2019-8450",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

92
2019/9xxx/CVE-2019-9021.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9021", "ID": "CVE-2019-9021",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c." "value": "An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugs.php.net/bug.php?id=77247", "name": "USN-3902-2",
"refsource" : "MISC", "refsource": "UBUNTU",
"url" : "https://bugs.php.net/bug.php?id=77247" "url": "https://usn.ubuntu.com/3902-2/"
}, },
{ {
"name" : "DSA-4398", "name": "DSA-4398",
"refsource" : "DEBIAN", "refsource": "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4398" "url": "https://www.debian.org/security/2019/dsa-4398"
}, },
{ {
"name" : "USN-3902-1", "name": "USN-3902-1",
"refsource" : "UBUNTU", "refsource": "UBUNTU",
"url" : "https://usn.ubuntu.com/3902-1/" "url": "https://usn.ubuntu.com/3902-1/"
}, },
{ {
"name" : "USN-3902-2", "name": "https://bugs.php.net/bug.php?id=77247",
"refsource" : "UBUNTU", "refsource": "MISC",
"url" : "https://usn.ubuntu.com/3902-2/" "url": "https://bugs.php.net/bug.php?id=77247"
}, },
{ {
"name" : "106747", "name": "107156",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/106747" "url": "http://www.securityfocus.com/bid/107156"
}, },
{ {
"name" : "107156", "name": "106747",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/107156" "url": "http://www.securityfocus.com/bid/106747"
} }
] ]
} }

68
2019/9xxx/CVE-2019-9029.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9029", "ID": "CVE-2019-9029",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds read with a SEGV in the function Mat_VarReadNextInfo5() in mat5.c." "value": "An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds read with a SEGV in the function Mat_VarReadNextInfo5() in mat5.c."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/TeamSeri0us/pocs/tree/master/matio", "name": "https://github.com/tbeu/matio/issues/103",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/TeamSeri0us/pocs/tree/master/matio" "url": "https://github.com/tbeu/matio/issues/103"
}, },
{ {
"name" : "https://github.com/tbeu/matio/issues/103", "name": "https://github.com/TeamSeri0us/pocs/tree/master/matio",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/tbeu/matio/issues/103" "url": "https://github.com/TeamSeri0us/pocs/tree/master/matio"
} }
] ]
} }

68
2019/9xxx/CVE-2019-9210.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9210", "ID": "CVE-2019-9210",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.)" "value": "In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.)"
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[debian-lts-announce] 20190302 [SECURITY] [DLA 1702-1] advancecomp security update", "name": "[debian-lts-announce] 20190302 [SECURITY] [DLA 1702-1] advancecomp security update",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/03/msg00004.html" "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00004.html"
}, },
{ {
"name" : "https://sourceforge.net/p/advancemame/bugs/277/", "name": "https://sourceforge.net/p/advancemame/bugs/277/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://sourceforge.net/p/advancemame/bugs/277/" "url": "https://sourceforge.net/p/advancemame/bugs/277/"
} }
] ]
} }