admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 05:13:03 +00:00
parent 4f91917311
commit cfe1f7c408
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
66 changed files with 3528 additions and 3528 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

160
2007/0xxx/CVE-2007-0583.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0583", "ID": "CVE-2007-0583",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in HTTP Commander 6.0, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) LogoffMessage parameter to logofflast.aspx or the (2) txtUsername parameter to Default.aspx. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "22298", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22298" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in HTTP Commander 6.0, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) LogoffMessage parameter to logofflast.aspx or the (2) txtUsername parameter to Default.aspx. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "32985", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/32985" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "32986", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32986" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23964", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/23964" ]
}, },
{ "references": {
"name" : "httpcommander-multiple-xss(31877)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31877" "name": "32986",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/32986"
} },
} {
"name": "httpcommander-multiple-xss(31877)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31877"
},
{
"name": "22298",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22298"
},
{
"name": "23964",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23964"
},
{
"name": "32985",
"refsource": "OSVDB",
"url": "http://osvdb.org/32985"
}
]
}
}

190
2007/0xxx/CVE-2007-0739.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0739", "ID": "CVE-2007-0739",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the software update window beneath the loginwindow authentication dialog in certain circumstances related to running scheduled tasks, which allows local users to bypass authentication controls."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.info.apple.com/article.html?artnum=305391", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=305391" "lang": "eng",
}, "value": "The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the software update window beneath the loginwindow authentication dialog in certain circumstances related to running scheduled tasks, which allows local users to bypass authentication controls."
{ }
"name" : "APPLE-SA-2007-04-19", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "TA07-109A", "description": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-109A.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23569", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/23569" ]
}, },
{ "references": {
"name" : "ADV-2007-1470", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1470" "name": "24966",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24966"
"name" : "34864", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/34864" "name": "http://docs.info.apple.com/article.html?artnum=305391",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=305391"
"name" : "1017939", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017939" "name": "23569",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23569"
"name" : "24966", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24966" "name": "TA07-109A",
} "refsource": "CERT",
] "url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
} },
} {
"name": "34864",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34864"
},
{
"name": "1017939",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017939"
},
{
"name": "APPLE-SA-2007-04-19",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "ADV-2007-1470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1470"
}
]
}
}

140
2007/0xxx/CVE-2007-0793.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0793", "ID": "CVE-2007-0793",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote attackers to execute arbitrary PHP code via a URL in the config parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070204 dvddb-0.6 media remote file include vuln.", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/459149/100/0/threaded" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote attackers to execute arbitrary PHP code via a URL in the config parameter."
{ }
"name" : "33679", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/33679" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "2221", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2221" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20070204 dvddb-0.6 media remote file include vuln.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459149/100/0/threaded"
},
{
"name": "33679",
"refsource": "OSVDB",
"url": "http://osvdb.org/33679"
},
{
"name": "2221",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2221"
}
]
}
}

170
2007/0xxx/CVE-2007-0968.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0968", "ID": "CVE-2007-0968",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Cisco Firewall Services Module (FWSM) before 2.3(4.7) and 3.x before 3.1(3.1) causes the access control entries (ACE) in an ACL to be improperly evaluated, which allows remote authenticated users to bypass intended certain ACL protections."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070214 Multiple Vulnerabilities in Firewall Services Module", "description_data": [
"refsource" : "CISCO", {
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml" "lang": "eng",
}, "value": "Unspecified vulnerability in Cisco Firewall Services Module (FWSM) before 2.3(4.7) and 3.x before 3.1(3.1) causes the access control entries (ACE) in an ACL to be improperly evaluated, which allows remote authenticated users to bypass intended certain ACL protections."
{ }
"name" : "22561", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22561" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0609", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0609" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1017650", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1017650" ]
}, },
{ "references": {
"name" : "24172", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24172" "name": "ADV-2007-0609",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0609"
"name" : "cisco-fwsm-acl-security-bypass(32521)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32521" "name": "22561",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/22561"
} },
} {
"name": "cisco-fwsm-acl-security-bypass(32521)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32521"
},
{
"name": "1017650",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017650"
},
{
"name": "24172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
]
}
}

34
2007/3xxx/CVE-2007-3016.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3016", "ID": "CVE-2007-3016",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

260
2007/3xxx/CVE-2007-3147.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3147", "ID": "CVE-2007-3147",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the send method. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070608 EEYE: Yahoo Webcam ActiveX Controls Multiple Buffer Overflows", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/470861/100/0/threaded" "lang": "eng",
}, "value": "Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the send method. NOTE: some of these details are obtained from third party information."
{ }
"name" : "20070606 Yahoo 0day ActiveX Webcam Exploit", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063817.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "4042", "description": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4042" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://research.eeye.com/html/advisories/published/AD20070608.html", ]
"refsource" : "MISC", }
"url" : "http://research.eeye.com/html/advisories/published/AD20070608.html" ]
}, },
{ "references": {
"name" : "http://research.eeye.com/html/advisories/upcoming/20070605.html", "reference_data": [
"refsource" : "MISC", {
"url" : "http://research.eeye.com/html/advisories/upcoming/20070605.html" "name": "20070606 Yahoo 0day ActiveX Webcam Exploit",
}, "refsource": "FULLDISC",
{ "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063817.html"
"name" : "http://messenger.yahoo.com/security_update.php?id=060707", },
"refsource" : "CONFIRM", {
"url" : "http://messenger.yahoo.com/security_update.php?id=060707" "name": "4042",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/4042"
"name" : "VU#949817", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/949817" "name": "24354",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/24354"
"name" : "24354", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24354" "name": "http://research.eeye.com/html/advisories/upcoming/20070605.html",
}, "refsource": "MISC",
{ "url": "http://research.eeye.com/html/advisories/upcoming/20070605.html"
"name" : "24341", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24341" "name": "VU#949817",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/949817"
"name" : "ADV-2007-2094", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2094" "name": "http://messenger.yahoo.com/security_update.php?id=060707",
}, "refsource": "CONFIRM",
{ "url": "http://messenger.yahoo.com/security_update.php?id=060707"
"name" : "1018204", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018204" "name": "ADV-2007-2094",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2094"
"name" : "1018203", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018203" "name": "25547",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25547"
"name" : "25547", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25547" "name": "20070608 EEYE: Yahoo Webcam ActiveX Controls Multiple Buffer Overflows",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/470861/100/0/threaded"
"name" : "2809", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2809" "name": "1018204",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1018204"
"name" : "yahoo-webcam-upload-bo(34758)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34758" "name": "yahoo-webcam-upload-bo(34758)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34758"
} },
} {
"name": "24341",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24341"
},
{
"name": "1018203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018203"
},
{
"name": "2809",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2809"
},
{
"name": "http://research.eeye.com/html/advisories/published/AD20070608.html",
"refsource": "MISC",
"url": "http://research.eeye.com/html/advisories/published/AD20070608.html"
}
]
}
}

170
2007/3xxx/CVE-2007-3319.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3319", "ID": "CVE-2007-3319",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware does not use the cnonce parameter in the Authorization header of SIP requests during MD5 digest authentication, which allows remote attackers to conduct man-in-the-middle attacks and hijack or intercept communications."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=299&", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=299&" "lang": "eng",
}, "value": "The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware does not use the cnonce parameter in the Authorization header of SIP requests during MD5 digest authentication, which allows remote attackers to conduct man-in-the-middle attacks and hijack or intercept communications."
{ }
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm", ]
"refsource" : "CONFIRM", },
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "24539", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24539" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "38115", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/38115" ]
}, },
{ "references": {
"name" : "25747", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25747" "name": "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=299&",
}, "refsource": "MISC",
{ "url": "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=299&"
"name" : "avaya-cnonce-call-hijacking(34972)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34972" "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm",
} "refsource": "CONFIRM",
] "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm"
} },
} {
"name": "38115",
"refsource": "OSVDB",
"url": "http://osvdb.org/38115"
},
{
"name": "avaya-cnonce-call-hijacking(34972)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34972"
},
{
"name": "25747",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25747"
},
{
"name": "24539",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24539"
}
]
}
}

150
2007/4xxx/CVE-2007-4120.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4120", "ID": "CVE-2007-4120",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Jelsoft vBulletin 3.6.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) classfile parameter to includes/functions.php, the (2) nextitem parameter to includes/functions_cron.php, and the (3) specialtemplates parameter to includes/functions_forumdisplay.php. NOTE: this issue is disputed by a reliable third party who states \"further investigation has revealed that the application is not vulnerable to this issue.\" The original researcher also has a history of erroneous claims."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070730 RFI ====> vBulletin v3.6.5", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/475105/100/0/threaded" "lang": "eng",
}, "value": "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Jelsoft vBulletin 3.6.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) classfile parameter to includes/functions.php, the (2) nextitem parameter to includes/functions_cron.php, and the (3) specialtemplates parameter to includes/functions_forumdisplay.php. NOTE: this issue is disputed by a reliable third party who states \"further investigation has revealed that the application is not vulnerable to this issue.\" The original researcher also has a history of erroneous claims."
{ }
"name" : "20070731 Re: RFI ====> vBulletin v3.6.5", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/475151/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25141", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25141" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2941", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/2941" ]
} },
] "references": {
} "reference_data": [
} {
"name": "25141",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25141"
},
{
"name": "20070731 Re: RFI ====> vBulletin v3.6.5",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475151/100/0/threaded"
},
{
"name": "2941",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2941"
},
{
"name": "20070730 RFI ====> vBulletin v3.6.5",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475105/100/0/threaded"
}
]
}
}

290
2007/4xxx/CVE-2007-4133.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2007-4133", "ID": "CVE-2007-4133",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE units, which allows local users to cause a denial of service (panic) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://tree.celinuxforum.org/gitstat/commit-detail.php?commit=856fc29505556cf263f3dcda2533cf3766c14ab6", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://tree.celinuxforum.org/gitstat/commit-detail.php?commit=856fc29505556cf263f3dcda2533cf3766c14ab6" "lang": "eng",
}, "value": "The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE units, which allows local users to cause a denial of service (panic) via unspecified vectors."
{ }
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.19-rc4", ]
"refsource" : "CONFIRM", },
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.19-rc4" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-1381", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1381" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-1504", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2008/dsa-1504" ]
}, },
{ "references": {
"name" : "MDKSA-2007:216", "reference_data": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:216" "name": "RHSA-2007:0940",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0940.html"
"name" : "MDVSA-2008:008", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:008" "name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.19-rc4",
}, "refsource": "CONFIRM",
{ "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.19-rc4"
"name" : "MDVSA-2008:105", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105" "name": "27322",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27322"
"name" : "RHSA-2007:0940", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0940.html" "name": "26994",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26994"
"name" : "USN-558-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-558-1" "name": "DSA-1504",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2008/dsa-1504"
"name" : "USN-578-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-578-1" "name": "MDVSA-2008:008",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:008"
"name" : "25904", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25904" "name": "MDKSA-2007:216",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:216"
"name" : "oval:org.mitre.oval:def:10451", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10451" "name": "USN-558-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-558-1"
"name" : "27322", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27322" "name": "DSA-1381",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1381"
"name" : "26994", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26994" "name": "MDVSA-2008:105",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105"
"name" : "28170", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28170" "name": "http://tree.celinuxforum.org/gitstat/commit-detail.php?commit=856fc29505556cf263f3dcda2533cf3766c14ab6",
}, "refsource": "CONFIRM",
{ "url": "http://tree.celinuxforum.org/gitstat/commit-detail.php?commit=856fc29505556cf263f3dcda2533cf3766c14ab6"
"name" : "28971", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28971" "name": "25904",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25904"
"name" : "29058", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29058" "name": "29058",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29058"
"name" : "kernel-hugetlbfs-dos(36925)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36925" "name": "28971",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/28971"
} },
} {
"name": "28170",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28170"
},
{
"name": "kernel-hugetlbfs-dos(36925)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36925"
},
{
"name": "USN-578-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-578-1"
},
{
"name": "oval:org.mitre.oval:def:10451",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10451"
}
]
}
}

210
2007/4xxx/CVE-2007-4307.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4307", "ID": "CVE-2007-4307",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 and earlier allow remote attackers to inject arbitrary web script or HTML via the next parameter to (1) addaddress.php, (2) editshipdetails.php, (3) register.php, or (4) login.php in secure/."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels-team.blogspot.com/2007/08/storesprite-xss-vuln.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels-team.blogspot.com/2007/08/storesprite-xss-vuln.html" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 and earlier allow remote attackers to inject arbitrary web script or HTML via the next parameter to (1) addaddress.php, (2) editshipdetails.php, (3) register.php, or (4) login.php in secure/."
{ }
"name" : "http://www.storesprite.com/forum/comments.php?DiscussionID=272&page=1#Item_0", ]
"refsource" : "CONFIRM", },
"url" : "http://www.storesprite.com/forum/comments.php?DiscussionID=272&page=1#Item_0" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25266", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25266" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-2853", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/2853" ]
}, },
{ "references": {
"name" : "36458", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36458" "name": "storesprite-next-xss(35933)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35933"
"name" : "36459", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36459" "name": "25266",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25266"
"name" : "36460", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36460" "name": "36460",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/36460"
"name" : "36461", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36461" "name": "http://www.storesprite.com/forum/comments.php?DiscussionID=272&page=1#Item_0",
}, "refsource": "CONFIRM",
{ "url": "http://www.storesprite.com/forum/comments.php?DiscussionID=272&page=1#Item_0"
"name" : "26408", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26408" "name": "ADV-2007-2853",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2853"
"name" : "storesprite-next-xss(35933)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35933" "name": "http://pridels-team.blogspot.com/2007/08/storesprite-xss-vuln.html",
} "refsource": "MISC",
] "url": "http://pridels-team.blogspot.com/2007/08/storesprite-xss-vuln.html"
} },
} {
"name": "36459",
"refsource": "OSVDB",
"url": "http://osvdb.org/36459"
},
{
"name": "36461",
"refsource": "OSVDB",
"url": "http://osvdb.org/36461"
},
{
"name": "26408",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26408"
},
{
"name": "36458",
"refsource": "OSVDB",
"url": "http://osvdb.org/36458"
}
]
}
}

140
2007/4xxx/CVE-2007-4322.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4322", "ID": "CVE-2007-4322",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string, different vectors than CVE-2007-2765."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ossec.net/en/attacking-loganalysis.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.ossec.net/en/attacking-loganalysis.html" "lang": "eng",
}, "value": "BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string, different vectors than CVE-2007-2765."
{ }
"name" : "http://www.aczoom.com/tools/blockhosts/CHANGES", ]
"refsource" : "CONFIRM", },
"url" : "http://www.aczoom.com/tools/blockhosts/CHANGES" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36515", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36515" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.aczoom.com/tools/blockhosts/CHANGES",
"refsource": "CONFIRM",
"url": "http://www.aczoom.com/tools/blockhosts/CHANGES"
},
{
"name": "http://www.ossec.net/en/attacking-loganalysis.html",
"refsource": "MISC",
"url": "http://www.ossec.net/en/attacking-loganalysis.html"
},
{
"name": "36515",
"refsource": "OSVDB",
"url": "http://osvdb.org/36515"
}
]
}
}

160
2007/4xxx/CVE-2007-4760.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4760", "ID": "CVE-2007-4760",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html" "lang": "eng",
}, "value": "The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503."
{ }
"name" : "25518", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25518" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-3033", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3033" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26671", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/26671" ]
}, },
{ "references": {
"name" : "hitachi-javadoc-xss(36393)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36393" "name": "ADV-2007-3033",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/3033"
} },
} {
"name": "26671",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26671"
},
{
"name": "hitachi-javadoc-xss(36393)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36393"
},
{
"name": "25518",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25518"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html"
}
]
}
}

160
2007/4xxx/CVE-2007-4991.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4991", "ID": "CVE-2007-4991",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information (the destination IP address of another user's session) via an empty packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-053.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-053.html" "lang": "eng",
}, "value": "The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information (the destination IP address of another user's session) via an empty packet."
{ }
"name" : "25753", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25753" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "45906", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/45906" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1018727", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1018727" ]
}, },
{ "references": {
"name" : "isa-socks-information-disclosure(36715)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36715" "name": "25753",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/25753"
} },
} {
"name": "1018727",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018727"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-053.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-053.html"
},
{
"name": "isa-socks-information-disclosure(36715)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36715"
},
{
"name": "45906",
"refsource": "OSVDB",
"url": "http://osvdb.org/45906"
}
]
}
}

200
2007/6xxx/CVE-2007-6002.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6002", "ID": "CVE-2007-6002",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Fenriru (1) Sleipnir 2.5.17 R2 and earlier and (2) Grani 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field in a search for additions to the Favorites section."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.fenrir.co.jp/grani/note.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.fenrir.co.jp/grani/note.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Fenriru (1) Sleipnir 2.5.17 R2 and earlier and (2) Grani 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field in a search for additions to the Favorites section."
{ }
"name" : "http://www.fenrir.co.jp/sleipnir/note.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.fenrir.co.jp/sleipnir/note.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVN#65427327", "description": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/jp/JVN%2365427327/index.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26418", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/26418" ]
}, },
{ "references": {
"name" : "38875", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38875" "name": "JVN#65427327",
}, "refsource": "JVN",
{ "url": "http://jvn.jp/jp/JVN%2365427327/index.html"
"name" : "38876", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38876" "name": "sleipnir-search-xss(38441)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38441"
"name" : "27655", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27655" "name": "38875",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/38875"
"name" : "27675", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27675" "name": "26418",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26418"
"name" : "sleipnir-search-xss(38441)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38441" "name": "38876",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/38876"
} },
} {
"name": "http://www.fenrir.co.jp/grani/note.html",
"refsource": "CONFIRM",
"url": "http://www.fenrir.co.jp/grani/note.html"
},
{
"name": "27675",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27675"
},
{
"name": "http://www.fenrir.co.jp/sleipnir/note.html",
"refsource": "CONFIRM",
"url": "http://www.fenrir.co.jp/sleipnir/note.html"
},
{
"name": "27655",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27655"
}
]
}
}

220
2014/5xxx/CVE-2014-5369.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5369", "ID": "CVE-2014-5369",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote attackers to obtain sensitive information by sniffing the network."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140818 Enigmail warning", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/08/18/2" "lang": "eng",
}, "value": "Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote attackers to obtain sensitive information by sniffing the network."
{ }
"name" : "[oss-security] 20140821 Re: Enigmail warning", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2014/08/22/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://sourceforge.net/p/enigmail/bugs/294/", "description": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/p/enigmail/bugs/294/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://sourceforge.net/p/enigmail/forum/support/thread/3e7268a4/", ]
"refsource" : "CONFIRM", }
"url" : "http://sourceforge.net/p/enigmail/forum/support/thread/3e7268a4/" ]
}, },
{ "references": {
"name" : "https://advisories.mageia.org/MGASA-2014-0421.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://advisories.mageia.org/MGASA-2014-0421.html" "name": "openSUSE-SU-2014:1096",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00008.html"
"name" : "GLSA-201504-01", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201504-01" "name": "60779",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/60779"
"name" : "openSUSE-SU-2014:1086", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2014-09/msg00004.html" "name": "http://sourceforge.net/p/enigmail/forum/support/thread/3e7268a4/",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/p/enigmail/forum/support/thread/3e7268a4/"
"name" : "openSUSE-SU-2014:1096", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2014-09/msg00008.html" "name": "60887",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/60887"
"name" : "60779", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60779" "name": "https://advisories.mageia.org/MGASA-2014-0421.html",
}, "refsource": "CONFIRM",
{ "url": "https://advisories.mageia.org/MGASA-2014-0421.html"
"name" : "60887", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60887" "name": "GLSA-201504-01",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201504-01"
"name" : "61854", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61854" "name": "http://sourceforge.net/p/enigmail/bugs/294/",
} "refsource": "CONFIRM",
] "url": "http://sourceforge.net/p/enigmail/bugs/294/"
} },
} {
"name": "openSUSE-SU-2014:1086",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00004.html"
},
{
"name": "[oss-security] 20140821 Re: Enigmail warning",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/08/22/1"
},
{
"name": "[oss-security] 20140818 Enigmail warning",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/08/18/2"
},
{
"name": "61854",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61854"
}
]
}
}

34
2014/5xxx/CVE-2014-5436.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5436", "ID": "CVE-2014-5436",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2014/5xxx/CVE-2014-5587.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5587", "ID": "CVE-2014-5587",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The brokenscreencrank (aka com.biggame.brokenscreencrank) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The brokenscreencrank (aka com.biggame.brokenscreencrank) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#835585", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/835585" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#835585",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/835585"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2014/5xxx/CVE-2014-5887.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5887", "ID": "CVE-2014-5887",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Yell Local Search (aka com.yell.launcher2) application 4.2.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Yell Local Search (aka com.yell.launcher2) application 4.2.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#490713", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/490713" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#490713",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/490713"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

130
2015/2xxx/CVE-2015-2368.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2368", "ID": "CVE-2015-2368",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka \"Windows DLL Remote Code Execution Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-069", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-069" "lang": "eng",
}, "value": "Untrusted search path vulnerability in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka \"Windows DLL Remote Code Execution Vulnerability.\""
{ }
"name" : "1032898", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1032898" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032898",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032898"
},
{
"name": "MS15-069",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-069"
}
]
}
}

150
2015/2xxx/CVE-2015-2511.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2511", "ID": "CVE-2015-2511",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka \"Win32k Memory Corruption Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2015-2517, CVE-2015-2518, and CVE-2015-2546."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "38276", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/38276/" "lang": "eng",
}, "value": "The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka \"Win32k Memory Corruption Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2015-2517, CVE-2015-2518, and CVE-2015-2546."
{ }
"name" : "MS15-097", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-097" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "76597", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76597" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033485", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033485" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1033485",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033485"
},
{
"name": "MS15-097",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-097"
},
{
"name": "38276",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38276/"
},
{
"name": "76597",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76597"
}
]
}
}

34
2015/2xxx/CVE-2015-2705.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2705", "ID": "CVE-2015-2705",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

190
2015/2xxx/CVE-2015-2774.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2774", "ID": "CVE-2015-2774",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150327 CVE request: Erlang POODLE TLS vulnerability", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2015/03/27/6" "lang": "eng",
}, "value": "Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE)."
{ }
"name" : "[oss-security] 20150327 Re: CVE request: Erlang POODLE TLS vulnerability", ]
"refsource" : "MLIST", },
"url" : "http://openwall.com/lists/oss-security/2015/03/27/9" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.imperialviolet.org/2014/12/08/poodleagain.html", "description": [
"refsource" : "MISC", {
"url" : "https://www.imperialviolet.org/2014/12/08/poodleagain.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://web.archive.org/web/20150905124006/http://www.erlang.org/news/85", ]
"refsource" : "CONFIRM", }
"url" : "https://web.archive.org/web/20150905124006/http://www.erlang.org/news/85" ]
}, },
{ "references": {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" "name": "USN-3571-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3571-1/"
"name" : "openSUSE-SU-2016:0523", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00124.html" "name": "https://web.archive.org/web/20150905124006/http://www.erlang.org/news/85",
}, "refsource": "CONFIRM",
{ "url": "https://web.archive.org/web/20150905124006/http://www.erlang.org/news/85"
"name" : "USN-3571-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3571-1/" "name": "https://www.imperialviolet.org/2014/12/08/poodleagain.html",
}, "refsource": "MISC",
{ "url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html"
"name" : "73398", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73398" "name": "73398",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/73398"
} },
} {
"name": "openSUSE-SU-2016:0523",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00124.html"
},
{
"name": "[oss-security] 20150327 Re: CVE request: Erlang POODLE TLS vulnerability",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2015/03/27/9"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"name": "[oss-security] 20150327 CVE request: Erlang POODLE TLS vulnerability",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2015/03/27/6"
}
]
}
}

120
2015/2xxx/CVE-2015-2863.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2015-2863", "ID": "CVE-2015-2863",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#919604", "description_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/919604" "lang": "eng",
} "value": "Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#919604",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/919604"
}
]
}
}

130
2015/6xxx/CVE-2015-6310.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-6310", "ID": "CVE-2015-6310",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The REST interface in Cisco Unified Communications Manager IM and Presence Service 11.5(1) allows remote attackers to cause a denial of service (SIP proxy service restart) via a crafted HTTP request, aka Bug ID CSCuw31632."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20151002 Cisco Unified Communications Manager IM and Presence Service REST API Denial of Service Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=41242" "lang": "eng",
}, "value": "The REST interface in Cisco Unified Communications Manager IM and Presence Service 11.5(1) allows remote attackers to cause a denial of service (SIP proxy service restart) via a crafted HTTP request, aka Bug ID CSCuw31632."
{ }
"name" : "1033732", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1033732" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033732",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033732"
},
{
"name": "20151002 Cisco Unified Communications Manager IM and Presence Service REST API Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=41242"
}
]
}
}

140
2015/6xxx/CVE-2015-6397.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-6397", "ID": "CVE-2015-6397",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco RV110W, RV130W, and RV215W devices have an incorrect RBAC configuration for the default account, which allows remote authenticated users to obtain root access via a login session with that account, aka Bug IDs CSCuv90139, CSCux58175, and CSCux73557."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160803 Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv110_130w2" "lang": "eng",
}, "value": "Cisco RV110W, RV130W, and RV215W devices have an incorrect RBAC configuration for the default account, which allows remote authenticated users to obtain root access via a login session with that account, aka Bug IDs CSCuv90139, CSCux58175, and CSCux73557."
{ }
"name" : "92273", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/92273" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036524", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036524" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "92273",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92273"
},
{
"name": "20160803 Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv110_130w2"
},
{
"name": "1036524",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036524"
}
]
}
}

140
2015/7xxx/CVE-2015-7324.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7324", "ID": "CVE-2015-7324",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento (com_komento) component before 2.0.5 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) img or (2) url tag of a new comment."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20151005 Komento Joomla! component Persistent XSS", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2015/Oct/11" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento (com_komento) component before 2.0.5 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) img or (2) url tag of a new comment."
{ }
"name" : "https://www.davidsopas.com/komento-joomla-component-persistent-xss/", ]
"refsource" : "MISC", },
"url" : "https://www.davidsopas.com/komento-joomla-component-persistent-xss/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://stackideas.com/changelog/komento?version=2.0.5", "description": [
"refsource" : "CONFIRM", {
"url" : "https://stackideas.com/changelog/komento?version=2.0.5" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://stackideas.com/changelog/komento?version=2.0.5",
"refsource": "CONFIRM",
"url": "https://stackideas.com/changelog/komento?version=2.0.5"
},
{
"name": "https://www.davidsopas.com/komento-joomla-component-persistent-xss/",
"refsource": "MISC",
"url": "https://www.davidsopas.com/komento-joomla-component-persistent-xss/"
},
{
"name": "20151005 Komento Joomla! component Persistent XSS",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Oct/11"
}
]
}
}

120
2016/0xxx/CVE-2016-0262.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0262", "ID": "CVE-2016-0262",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1.1 through 7.1.1.3, 7.5.0 before 7.5.0.9 IFIX004, and 7.6.0 before 7.6.0.3 IFIX001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21977828", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21977828" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1.1 through 7.1.1.3, 7.5.0 before 7.5.0.9 IFIX004, and 7.6.0 before 7.6.0.3 IFIX001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21977828",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977828"
}
]
}
}

120
2016/0xxx/CVE-2016-0289.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0289", "ID": "CVE-2016-0289",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "shiprec.xml in the SHIPREC application in IBM Maximo Asset Management 7.1 and 7.5 before 7.5.0.10 and 7.6 before 7.6.0.4 allows remote authenticated users to bypass intended item-selection restrictions via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21979519", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21979519" "lang": "eng",
} "value": "shiprec.xml in the SHIPREC application in IBM Maximo Asset Management 7.1 and 7.5 before 7.5.0.10 and 7.6 before 7.6.0.4 allows remote authenticated users to bypass intended item-selection restrictions via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21979519",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979519"
}
]
}
}

148
2016/0xxx/CVE-2016-0396.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0396", "ID": "CVE-2016-0396",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "BigFix Platform", "product_name": "BigFix Platform",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.0" "version_value": "9.0"
}, },
{ {
"version_value" : "9.1" "version_value": "9.1"
}, },
{ {
"version_value" : "9.2" "version_value": "9.2"
}, },
{ {
"version_value" : "9.5" "version_value": "9.5"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Tivoli Endpoint Manager could allow a user under special circumstances to inject commands that would be executed with unnecessary higher privileges than expected."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21993206", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21993206" "lang": "eng",
}, "value": "IBM Tivoli Endpoint Manager could allow a user under special circumstances to inject commands that would be executed with unnecessary higher privileges than expected."
{ }
"name" : "94155", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94155" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94155",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94155"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21993206",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21993206"
}
]
}
}

290
2016/0xxx/CVE-2016-0701.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-0701", "ID": "CVE-2016-0701",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html" "lang": "eng",
}, "value": "The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file."
{ }
"name" : "http://www.openssl.org/news/secadv/20160128.txt", ]
"refsource" : "CONFIRM", },
"url" : "http://www.openssl.org/news/secadv/20160128.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://git.openssl.org/?p=openssl.git;a=commit;h=878e2c5b13010329c203f309ed0c8f2113f85648", "description": [
"refsource" : "CONFIRM", {
"url" : "https://git.openssl.org/?p=openssl.git;a=commit;h=878e2c5b13010329c203f309ed0c8f2113f85648" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://git.openssl.org/?p=openssl.git;a=commit;h=c5b831f21d0d29d1e517d139d9d101763f60c9a2", ]
"refsource" : "CONFIRM", }
"url" : "https://git.openssl.org/?p=openssl.git;a=commit;h=c5b831f21d0d29d1e517d139d9d101763f60c9a2" ]
}, },
{ "references": {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164821", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164821" "name": "FEDORA-2016-527018d2ff",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176373.html"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", },
"refsource" : "CONFIRM", {
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" "name": "1034849",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1034849"
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390893", },
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390893" "name": "https://git.openssl.org/?p=openssl.git;a=commit;h=c5b831f21d0d29d1e517d139d9d101763f60c9a2",
}, "refsource": "CONFIRM",
{ "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=c5b831f21d0d29d1e517d139d9d101763f60c9a2"
"name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03724en_us", },
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03724en_us" "name": "https://git.openssl.org/?p=openssl.git;a=commit;h=878e2c5b13010329c203f309ed0c8f2113f85648",
}, "refsource": "CONFIRM",
{ "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=878e2c5b13010329c203f309ed0c8f2113f85648"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164821",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164821"
"name" : "FEDORA-2016-527018d2ff", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176373.html" "name": "http://www.openssl.org/news/secadv/20160128.txt",
}, "refsource": "CONFIRM",
{ "url": "http://www.openssl.org/news/secadv/20160128.txt"
"name" : "GLSA-201601-05", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201601-05" "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
"name" : "openSUSE-SU-2016:0637", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390893",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390893"
"name" : "USN-2883-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2883-1" "name": "GLSA-201601-05",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201601-05"
"name" : "VU#257823", },
"refsource" : "CERT-VN", {
"url" : "https://www.kb.cert.org/vuls/id/257823" "name": "http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html",
}, "refsource": "MISC",
{ "url": "http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html"
"name" : "91787", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91787" "name": "82233",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/82233"
"name" : "82233", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/82233" "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03724en_us",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03724en_us"
"name" : "1034849", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034849" "name": "91787",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/91787"
} },
} {
"name": "VU#257823",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/257823"
},
{
"name": "openSUSE-SU-2016:0637",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html"
},
{
"name": "USN-2883-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2883-1"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759"
}
]
}
}

34
2016/1000xxx/CVE-2016-1000169.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1000169", "ID": "CVE-2016-1000169",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2016/10xxx/CVE-2016-10056.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10056", "ID": "CVE-2016-10056",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/12/26/9" "lang": "eng",
}, "value": "Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1410465", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1410465" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "95190", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/95190" ]
}, },
{ "references": {
"name" : "95191", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95191" "name": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1",
} "refsource": "CONFIRM",
] "url": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1"
} },
} {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410465",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410465"
},
{
"name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
},
{
"name": "95190",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95190"
},
{
"name": "95191",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95191"
}
]
}
}

130
2016/10xxx/CVE-2016-10177.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10177", "ID": "CVE-2016-10177",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the password 1234."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html" "lang": "eng",
}, "value": "An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the password 1234."
{ }
"name" : "95877", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95877" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html",
"refsource": "MISC",
"url": "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html"
},
{
"name": "95877",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95877"
}
]
}
}

34
2016/10xxx/CVE-2016-10240.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10240", "ID": "CVE-2016-10240",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

122
2016/10xxx/CVE-2016-10608.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2016-10608", "ID": "CVE-2016-10608",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "robot-js node module", "product_name": "robot-js node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions" "version_value": "All versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "robot-js is a module for native system automation for node.js. robot-js downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Missing Encryption of Sensitive Data (CWE-311)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://nodesecurity.io/advisories/201", "description_data": [
"refsource" : "MISC", {
"url" : "https://nodesecurity.io/advisories/201" "lang": "eng",
} "value": "robot-js is a module for native system automation for node.js. robot-js downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Encryption of Sensitive Data (CWE-311)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodesecurity.io/advisories/201",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/201"
}
]
}
}

170
2016/4xxx/CVE-2016-4172.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-4172", "ID": "CVE-2016-4172",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" "lang": "eng",
}, "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246."
{ }
"name" : "RHSA-2016:1423", ]
"refsource" : "REDHAT", },
"url" : "https://access.redhat.com/errata/RHSA-2016:1423" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SUSE-SU-2016:1826", "description": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openSUSE-SU-2016:1802", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" ]
}, },
{ "references": {
"name" : "91725", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91725" "name": "SUSE-SU-2016:1826",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html"
"name" : "1036280", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036280" "name": "openSUSE-SU-2016:1802",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html"
} },
} {
"name": "91725",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91725"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html"
},
{
"name": "RHSA-2016:1423",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1423"
},
{
"name": "1036280",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036280"
}
]
}
}

120
2016/4xxx/CVE-2016-4358.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4358", "ID": "CVE-2016-4358",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2029."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" "lang": "eng",
} "value": "HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2029."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
}
]
}
}

162
2016/4xxx/CVE-2016-4857.json
View File

@ -1,83 +1,83 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-4857", "ID": "CVE-2016-4857",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Splunk Enterprise", "product_name": "Splunk Enterprise",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.4.x prior to 6.4.2" "version_value": "6.4.x prior to 6.4.2"
}, },
{ {
"version_value" : "6.3.x prior to 6.3.6" "version_value": "6.3.x prior to 6.3.6"
}, },
{ {
"version_value" : "6.2.x prior to 6.2.11" "version_value": "6.2.x prior to 6.2.11"
} }
] ]
} }
}, },
{ {
"product_name" : "Splunk Light", "product_name": "Splunk Light",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to 6.4.2" "version_value": "prior to 6.4.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Splunk Inc." "vendor_name": "Splunk Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.11 and Splunk Light prior to 6.4.2 allows to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Open Redirect"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.splunk.com/view/SP-CAAAPQM", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.splunk.com/view/SP-CAAAPQM" "lang": "eng",
}, "value": "Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.11 and Splunk Light prior to 6.4.2 allows to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
{ }
"name" : "JVN#39926655", ]
"refsource" : "JVN", },
"url" : "https://jvn.jp/en/jp/JVN39926655/index.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Open Redirect"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.splunk.com/view/SP-CAAAPQM",
"refsource": "CONFIRM",
"url": "https://www.splunk.com/view/SP-CAAAPQM"
},
{
"name": "JVN#39926655",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN39926655/index.html"
}
]
}
}

140
2016/4xxx/CVE-2016-4907.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-4907", "ID": "CVE-2016-4907",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cybozu Garoon", "product_name": "Cybozu Garoon",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.0.0 to 4.2.2" "version_value": "3.0.0 to 4.2.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cybozu, Inc." "vendor_name": "Cybozu, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.cybozu.com/ja-jp/article/9441", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.cybozu.com/ja-jp/article/9441" "lang": "eng",
}, "value": "Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors."
{ }
"name" : "JVN#13218253", ]
"refsource" : "JVN", },
"url" : "https://jvn.jp/en/jp/JVN13218253/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "94965", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94965" "lang": "eng",
} "value": "Information Disclosure"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://support.cybozu.com/ja-jp/article/9441",
"refsource": "CONFIRM",
"url": "https://support.cybozu.com/ja-jp/article/9441"
},
{
"name": "94965",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94965"
},
{
"name": "JVN#13218253",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN13218253/index.html"
}
]
}
}

140
2016/9xxx/CVE-2016-9199.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-9199", "ID": "CVE-2016-9199",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco IOx", "product_name": "Cisco IOx",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco IOx" "version_value": "Cisco IOx"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. Affected Products: This vulnerability affects specific releases of the Cisco IOx subsystem of Cisco IOS and IOS XE Software. More Information: CSCvb23331. Known Affected Releases: 15.2(6.0.57i)E CAF-1.1.0.0."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "unspecified"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-caf", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-caf" "lang": "eng",
}, "value": "A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. Affected Products: This vulnerability affects specific releases of the Cisco IOx subsystem of Cisco IOS and IOS XE Software. More Information: CSCvb23331. Known Affected Releases: 15.2(6.0.57i)E CAF-1.1.0.0."
{ }
"name" : "94788", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94788" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037427", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037427" "lang": "eng",
} "value": "unspecified"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-caf",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-caf"
},
{
"name": "94788",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94788"
},
{
"name": "1037427",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037427"
}
]
}
}

34
2016/9xxx/CVE-2016-9503.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-9503", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-9503",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

34
2016/9xxx/CVE-2016-9721.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9721", "ID": "CVE-2016-9721",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2108.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2108", "ID": "CVE-2019-2108",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2355.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2355", "ID": "CVE-2019-2355",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2798.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2798", "ID": "CVE-2019-2798",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2959.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2959", "ID": "CVE-2019-2959",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3127.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3127", "ID": "CVE-2019-3127",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3534.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3534", "ID": "CVE-2019-3534",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3590.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3590", "ID": "CVE-2019-3590",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3592.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3592", "ID": "CVE-2019-3592",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6328.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6328", "ID": "CVE-2019-6328",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

132
2019/6xxx/CVE-2019-6595.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "f5sirt@f5.com", "ASSIGNER": "f5sirt@f5.com",
"DATE_PUBLIC" : "2019-02-26T00:00:00", "DATE_PUBLIC": "2019-02-26T00:00:00",
"ID" : "CVE-2019-6595", "ID": "CVE-2019-6595",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "BIG-IP (APM)", "product_name": "BIG-IP (APM)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "11.5.x,11.6.x" "version_value": "11.5.x,11.6.x"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "F5 Networks, Inc." "vendor_name": "F5 Networks, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy Manager (APM) 11.5.x and 11.6.x Admin Web UI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XSS"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.f5.com/csp/article/K31424926", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.f5.com/csp/article/K31424926" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy Manager (APM) 11.5.x and 11.6.x Admin Web UI."
{ }
"name" : "107173", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/107173" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K31424926",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K31424926"
},
{
"name": "107173",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107173"
}
]
}
}

34
2019/6xxx/CVE-2019-6751.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6751", "ID": "CVE-2019-6751",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6924.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6924", "ID": "CVE-2019-6924",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2019/7xxx/CVE-2019-7173.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7173", "ID": "CVE-2019-7173",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/file-manager/attachments/edit/4."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/croogo/croogo/issues/889", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/croogo/croogo/issues/889" "lang": "eng",
} "value": "A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/file-manager/attachments/edit/4."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/croogo/croogo/issues/889",
"refsource": "MISC",
"url": "https://github.com/croogo/croogo/issues/889"
}
]
}
}

130
2019/7xxx/CVE-2019-7324.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7324", "ID": "CVE-2019-7324",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "app/Core/Paginator.php in Kanboard before 1.2.8 has XSS in pagination sorting."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/kanboard/kanboard/commit/83deec2e3621c40d15a06e2491f27571d32fe10f", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/kanboard/kanboard/commit/83deec2e3621c40d15a06e2491f27571d32fe10f" "lang": "eng",
}, "value": "app/Core/Paginator.php in Kanboard before 1.2.8 has XSS in pagination sorting."
{ }
"name" : "https://github.com/kanboard/kanboard/releases/tag/v1.2.8", ]
"refsource" : "MISC", },
"url" : "https://github.com/kanboard/kanboard/releases/tag/v1.2.8" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/kanboard/kanboard/commit/83deec2e3621c40d15a06e2491f27571d32fe10f",
"refsource": "MISC",
"url": "https://github.com/kanboard/kanboard/commit/83deec2e3621c40d15a06e2491f27571d32fe10f"
},
{
"name": "https://github.com/kanboard/kanboard/releases/tag/v1.2.8",
"refsource": "MISC",
"url": "https://github.com/kanboard/kanboard/releases/tag/v1.2.8"
}
]
}
}

34
2019/7xxx/CVE-2019-7491.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7491", "ID": "CVE-2019-7491",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7788.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7788", "ID": "CVE-2019-7788",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7857.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7857", "ID": "CVE-2019-7857",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8005.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8005", "ID": "CVE-2019-8005",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8218.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8218", "ID": "CVE-2019-8218",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8528.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8528", "ID": "CVE-2019-8528",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8611.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8611", "ID": "CVE-2019-8611",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9230.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9230", "ID": "CVE-2019-9230",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9604.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9604", "ID": "CVE-2019-9604",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9823.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9823", "ID": "CVE-2019-9823",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }