admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 21:37:05 +00:00
parent 972b850b38
commit d5892e804a
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
62 changed files with 3782 additions and 3782 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

140
1999/0xxx/CVE-1999-0995.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0995", "ID": "CVE-1999-0995",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka \"Malformed Security Identifier Request.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS99-057", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-057" "lang": "eng",
}, "value": "Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka \"Malformed Security Identifier Request.\""
{ }
"name" : "Q248185", ]
"refsource" : "MSKB", },
"url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q248185" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "875", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/875" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "Q248185",
"refsource": "MSKB",
"url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q248185"
},
{
"name": "MS99-057",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-057"
},
{
"name": "875",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/875"
}
]
}
}

130
1999/1xxx/CVE-1999-1200.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1200", "ID": "CVE-1999-1200",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vintra SMTP MailServer allows remote attackers to cause a denial of service via a malformed \"EXPN *@\" command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19980720 DOS in Vintra systems Mailserver software.", "description_data": [
"refsource" : "NTBUGTRAQ", {
"url" : "http://marc.info/?l=ntbugtraq&m=90222454131610&w=2" "lang": "eng",
}, "value": "Vintra SMTP MailServer allows remote attackers to cause a denial of service via a malformed \"EXPN *@\" command."
{ }
"name" : "vintra-mail-dos(1617)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1617" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19980720 DOS in Vintra systems Mailserver software.",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=90222454131610&w=2"
},
{
"name": "vintra-mail-dos(1617)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1617"
}
]
}
}

130
1999/1xxx/CVE-1999-1226.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1226", "ID": "CVE-1999-1226",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html" "lang": "eng",
}, "value": "Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key."
{ }
"name" : "netscape-huge-key-dos(3436)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3436" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netscape-huge-key-dos(3436)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3436"
},
{
"name": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html"
}
]
}
}

150
1999/1xxx/CVE-1999-1233.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1233", "ID": "CVE-1999-1233",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the \"Domain Resolution\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS99-039", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-039" "lang": "eng",
}, "value": "IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the \"Domain Resolution\" vulnerability."
{ }
"name" : "241562", ]
"refsource" : "MSKB", },
"url" : "http://support.microsoft.com/support/kb/articles/Q241/5/62.asp" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "657", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/657" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "iis-unresolved-domain-access(3306)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3306" ]
} },
] "references": {
} "reference_data": [
} {
"name": "iis-unresolved-domain-access(3306)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3306"
},
{
"name": "241562",
"refsource": "MSKB",
"url": "http://support.microsoft.com/support/kb/articles/Q241/5/62.asp"
},
{
"name": "657",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/657"
},
{
"name": "MS99-039",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-039"
}
]
}
}

140
1999/1xxx/CVE-1999-1509.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1509", "ID": "CVE-1999-1509",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19991104 Eserv 2.50 Web interface Server Directory Traversal Vulnerability", "description_data": [
"refsource" : "NTBUGTRAQ", {
"url" : "http://marc.info/?l=ntbugtraq&m=94177470915423&w=2" "lang": "eng",
}, "value": "Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL."
{ }
"name" : "19991104 Eserv 2.50 Web interface Server Directory Traversal Vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=94183041514522&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "773", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/773" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "773",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/773"
},
{
"name": "19991104 Eserv 2.50 Web interface Server Directory Traversal Vulnerability",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=94177470915423&w=2"
},
{
"name": "19991104 Eserv 2.50 Web interface Server Directory Traversal Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=94183041514522&w=2"
}
]
}
}

160
2000/0xxx/CVE-2000-0229.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0229", "ID": "CVE-2000-0229",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000322 gpm-root", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html" "lang": "eng",
}, "value": "gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root."
{ }
"name" : "20000405 Security hole in gpm < 1.18.1", ]
"refsource" : "SUSE", },
"url" : "http://www.novell.com/linux/security/advisories/suse_security_announce_45.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2000:009", "description": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2000-009.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2000:045", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2000-045.html" ]
}, },
{ "references": {
"name" : "1069", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1069" "name": "RHSA-2000:045",
} "refsource": "REDHAT",
] "url": "http://www.redhat.com/support/errata/RHSA-2000-045.html"
} },
} {
"name": "20000322 gpm-root",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html"
},
{
"name": "1069",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1069"
},
{
"name": "RHSA-2000:009",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-009.html"
},
{
"name": "20000405 Security hole in gpm < 1.18.1",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_45.html"
}
]
}
}

160
2000/0xxx/CVE-2000-0243.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0243", "ID": "CVE-2000-0243",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to cause a denial of service via a short GET request to cgi-bin."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000324 AnalogX SimpleServer 1.03 Remote Crash\" at:", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=web-5645555@post2.rnci.com" "lang": "eng",
}, "value": "AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to cause a denial of service via a short GET request to cgi-bin."
{ }
"name" : "http://www.analogx.com/contents/download/network/sswww.htm", ]
"refsource" : "MISC", },
"url" : "http://www.analogx.com/contents/download/network/sswww.htm" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "simpleserver-exception-dos(4189)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4189" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1076", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/1076" ]
}, },
{ "references": {
"name" : "1265", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/1265" "name": "http://www.analogx.com/contents/download/network/sswww.htm",
} "refsource": "MISC",
] "url": "http://www.analogx.com/contents/download/network/sswww.htm"
} },
} {
"name": "1265",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1265"
},
{
"name": "simpleserver-exception-dos(4189)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4189"
},
{
"name": "20000324 AnalogX SimpleServer 1.03 Remote Crash\" at:",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=web-5645555@post2.rnci.com"
},
{
"name": "1076",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1076"
}
]
}
}

140
2000/0xxx/CVE-2000-0571.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0571", "ID": "CVE-2000-0571",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial of service via a long GET request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000703 Remote DoS Attack in LocalWEB HTTP Server 1.2.0 Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-07-8&msg=NCBBKFKDOLAGKIAPMILPCEIHCFAA.labs@ussrback.com" "lang": "eng",
}, "value": "LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial of service via a long GET request."
{ }
"name" : "1423", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1423" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "localweb-get-bo(4896)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4896" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "localweb-get-bo(4896)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4896"
},
{
"name": "1423",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1423"
},
{
"name": "20000703 Remote DoS Attack in LocalWEB HTTP Server 1.2.0 Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-07-8&msg=NCBBKFKDOLAGKIAPMILPCEIHCFAA.labs@ussrback.com"
}
]
}
}

140
2000/0xxx/CVE-2000-0720.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0720", "ID": "CVE-2000-0720",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000829 News Publisher CGI Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=003301c0123b$18f8c1a0$953b29d4@e8s9s4" "lang": "eng",
}, "value": "news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program."
{ }
"name" : "1621", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1621" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "news-publisher-add-author(5169)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5169" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "news-publisher-add-author(5169)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5169"
},
{
"name": "1621",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1621"
},
{
"name": "20000829 News Publisher CGI Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=003301c0123b$18f8c1a0$953b29d4@e8s9s4"
}
]
}
}

180
2000/0xxx/CVE-2000-0909.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0909", "ID": "CVE-2000-0909",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000922 [ no subject ]", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/84901" "lang": "eng",
}, "value": "Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header."
{ }
"name" : "20001031 FW: Pine 4.30 now available", ]
"refsource" : "BUGTRAQ", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0441.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "FreeBSD-SA-00:59", "description": [
"refsource" : "FREEBSD", {
"url" : "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2000:102", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2000-102.html" ]
}, },
{ "references": {
"name" : "MDKSA-2000:073", "reference_data": [
"refsource" : "MANDRAKE", {
"url" : "http://www.linux-mandrake.com/en/security/MDKSA-2000-073.php3" "name": "FreeBSD-SA-00:59",
}, "refsource": "FREEBSD",
{ "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc"
"name" : "1709", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1709" "name": "RHSA-2000:102",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2000-102.html"
"name" : "pine-check-mail-bo(5283)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5283" "name": "20001031 FW: Pine 4.30 now available",
} "refsource": "BUGTRAQ",
] "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0441.html"
} },
} {
"name": "1709",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1709"
},
{
"name": "20000922 [ no subject ]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/84901"
},
{
"name": "MDKSA-2000:073",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-073.php3"
},
{
"name": "pine-check-mail-bo(5283)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5283"
}
]
}
}

140
2000/0xxx/CVE-2000-0922.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0922", "ID": "CVE-2000-0922",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cgi) 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the newpage parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20001008 Security Advisory: Bytes Interactive's Web Shopper (shopper.cgi) Directory Traversal Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0120.html" "lang": "eng",
}, "value": "Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cgi) 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the newpage parameter."
{ }
"name" : "1776", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1776" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "web-shopper-directory-traversal(5351)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5351" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1776",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1776"
},
{
"name": "web-shopper-directory-traversal(5351)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5351"
},
{
"name": "20001008 Security Advisory: Bytes Interactive's Web Shopper (shopper.cgi) Directory Traversal Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0120.html"
}
]
}
}

140
2000/0xxx/CVE-2000-0954.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0954", "ID": "CVE-2000-0954",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20001009 Shambala 4.5 vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0134.html" "lang": "eng",
}, "value": "Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server."
{ }
"name" : "1771", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1771" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "shambala-password-plaintext(5346)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5346" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "shambala-password-plaintext(5346)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5346"
},
{
"name": "20001009 Shambala 4.5 vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0134.html"
},
{
"name": "1771",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1771"
}
]
}
}

160
2000/1xxx/CVE-2000-1146.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-1146", "ID": "CVE-2000-1146",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Recourse ManTrap 1.6 allows attackers to cause a denial of service via a sequence of commands that navigate into and out of the /proc/self directory and executing various commands such as ls or pwd."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20001102 Mantrap By Recourse Technologies - Fate Advisory (11-01-00)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-11/0041.html" "lang": "eng",
}, "value": "Recourse ManTrap 1.6 allows attackers to cause a denial of service via a sequence of commands that navigate into and out of the /proc/self directory and executing various commands such as ls or pwd."
{ }
"name" : "20001107 Vendor Response Re: Mantrap Advisory Vendor Followup - Fate Research Labs", ]
"refsource" : "BUGTRAQ", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-11/0100.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1913", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1913" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20001105 Mantrap Advisory Vendor Followup - Fate Research Labs", ]
"refsource" : "BUGTRAQ", }
"url" : "http://marc.info/?l=bugtraq&m=97349791405580&w=2" ]
}, },
{ "references": {
"name" : "mantrap-dir-dos(5528)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5528" "name": "20001105 Mantrap Advisory Vendor Followup - Fate Research Labs",
} "refsource": "BUGTRAQ",
] "url": "http://marc.info/?l=bugtraq&m=97349791405580&w=2"
} },
} {
"name": "mantrap-dir-dos(5528)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5528"
},
{
"name": "1913",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1913"
},
{
"name": "20001102 Mantrap By Recourse Technologies - Fate Advisory (11-01-00)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0041.html"
},
{
"name": "20001107 Vendor Response Re: Mantrap Advisory Vendor Followup - Fate Research Labs",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0100.html"
}
]
}
}

170
2007/1xxx/CVE-2007-1527.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1527", "ID": "CVE-2007-1527",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The LLTD Mapper in Microsoft Windows Vista does not verify that an IP address in a TLV type 0x07 field in a HELLO packet corresponds to a valid IP address for the local network, which allows remote attackers to trick users into communicating with an external host by sending a HELLO packet with the MW characteristic and a spoofed TLV type 0x07 field, aka the \"Spoof and Management URL IP Redirect\" attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070313 New report on Windows Vista network attack surface", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/462793/100/0/threaded" "lang": "eng",
}, "value": "The LLTD Mapper in Microsoft Windows Vista does not verify that an IP address in a TLV type 0x07 field in a HELLO packet corresponds to a valid IP address for the local network, which allows remote attackers to trick users into communicating with an external host by sending a HELLO packet with the MW characteristic and a spoofed TLV type 0x07 field, aka the \"Spoof and Management URL IP Redirect\" attack."
{ }
"name" : "20070403 Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/464617/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf", "description": [
"refsource" : "MISC", {
"url" : "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html", ]
"refsource" : "MISC", }
"url" : "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html" ]
}, },
{ "references": {
"name" : "23279", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23279" "name": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf",
}, "refsource": "MISC",
{ "url": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf"
"name" : "33663", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33663" "name": "20070313 New report on Windows Vista network attack surface",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/462793/100/0/threaded"
} },
} {
"name": "20070403 Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464617/100/0/threaded"
},
{
"name": "33663",
"refsource": "OSVDB",
"url": "http://osvdb.org/33663"
},
{
"name": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html",
"refsource": "MISC",
"url": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html"
},
{
"name": "23279",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23279"
}
]
}
}

170
2007/1xxx/CVE-2007-1616.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1616", "ID": "CVE-2007-1616",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in ScriptMagix Lyrics 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the recid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3515", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3515" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in ScriptMagix Lyrics 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the recid parameter."
{ }
"name" : "23019", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23019" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-1016", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1016" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "34283", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/34283" ]
}, },
{ "references": {
"name" : "24563", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24563" "name": "23019",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23019"
"name" : "scriptmagixlyrics-index-sql-injection(33056)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33056" "name": "24563",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24563"
} },
} {
"name": "34283",
"refsource": "OSVDB",
"url": "http://osvdb.org/34283"
},
{
"name": "3515",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3515"
},
{
"name": "ADV-2007-1016",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1016"
},
{
"name": "scriptmagixlyrics-index-sql-injection(33056)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33056"
}
]
}
}

370
2007/1xxx/CVE-2007-1718.json
View File

@ -1,187 +1,187 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1718", "ID": "CVE-2007-1718",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a \"\\r\\n\\t\\n\" sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.php-security.org/MOPB/MOPB-34-2007.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.php-security.org/MOPB/MOPB-34-2007.html" "lang": "eng",
}, "value": "CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a \"\\r\\n\\t\\n\" sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro."
{ }
"name" : "http://us2.php.net/releases/5_2_2.php", ]
"refsource" : "CONFIRM", },
"url" : "http://us2.php.net/releases/5_2_2.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-1282", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1282" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-1283", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2007/dsa-1283" ]
}, },
{ "references": {
"name" : "GLSA-200705-19", "reference_data": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200705-19.xml" "name": "23145",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23145"
"name" : "MDKSA-2007:087", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087" "name": "25056",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25056"
"name" : "MDKSA-2007:088", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088" "name": "DSA-1283",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1283"
"name" : "MDKSA-2007:089", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089" "name": "oval:org.mitre.oval:def:10951",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10951"
"name" : "MDKSA-2007:090", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090" "name": "GLSA-200705-19",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
"name" : "RHSA-2007:0155", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0155.html" "name": "1017946",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1017946"
"name" : "RHSA-2007:0153", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0153.html" "name": "RHSA-2007:0162",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
"name" : "RHSA-2007:0162", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0162.html" "name": "25062",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25062"
"name" : "SUSE-SA:2007:032", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_32_php.html" "name": "php-mailfunction-header-injection(33516)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33516"
"name" : "USN-455-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-455-1" "name": "MDKSA-2007:090",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
"name" : "23145", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23145" "name": "USN-455-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-455-1"
"name" : "oval:org.mitre.oval:def:10951", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10951" "name": "24909",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24909"
"name" : "1017946", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017946" "name": "MDKSA-2007:087",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
"name" : "24924", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24924" "name": "DSA-1282",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1282"
"name" : "24965", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24965" "name": "http://www.php-security.org/MOPB/MOPB-34-2007.html",
}, "refsource": "MISC",
{ "url": "http://www.php-security.org/MOPB/MOPB-34-2007.html"
"name" : "25025", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25025" "name": "http://us2.php.net/releases/5_2_2.php",
}, "refsource": "CONFIRM",
{ "url": "http://us2.php.net/releases/5_2_2.php"
"name" : "25062", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25062" "name": "24924",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24924"
"name" : "25057", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25057" "name": "RHSA-2007:0155",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
"name" : "24909", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24909" "name": "24965",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24965"
"name" : "25056", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25056" "name": "MDKSA-2007:089",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
"name" : "25445", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25445" "name": "25445",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25445"
"name" : "php-mailfunction-header-injection(33516)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33516" "name": "25057",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/25057"
} },
} {
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "25025",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25025"
},
{
"name": "MDKSA-2007:088",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"name": "RHSA-2007:0153",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0153.html"
}
]
}
}

180
2007/1xxx/CVE-2007-1914.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1914", "ID": "CVE-2007-1914",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to obtain sensitive information (external RFC server configuration data) via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070404 CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/464678/100/0/threaded" "lang": "eng",
}, "value": "The RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to obtain sensitive information (external RFC server configuration data) via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended."
{ }
"name" : "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_PROGRAM_RFC_Function_Multiple_Vulnerabilities.pdf", ]
"refsource" : "MISC", },
"url" : "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_PROGRAM_RFC_Function_Multiple_Vulnerabilities.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "23313", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23313" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-1270", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/1270" ]
}, },
{ "references": {
"name" : "24722", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24722" "name": "2538",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2538"
"name" : "2538", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2538" "name": "23313",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23313"
"name" : "sap-rfc-startprogram-information-disclosure(33422)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33422" "name": "20070404 CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function Multiple Vulnerabilities",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/464678/100/0/threaded"
} },
} {
"name": "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_PROGRAM_RFC_Function_Multiple_Vulnerabilities.pdf",
"refsource": "MISC",
"url": "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_PROGRAM_RFC_Function_Multiple_Vulnerabilities.pdf"
},
{
"name": "24722",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24722"
},
{
"name": "ADV-2007-1270",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1270"
},
{
"name": "sap-rfc-startprogram-information-disclosure(33422)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33422"
}
]
}
}

170
2007/5xxx/CVE-2007-5294.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5294", "ID": "CVE-2007-5294",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in core/aural.php in IDMOS 1.0-beta (aka Phoenix) allows remote attackers to execute arbitrary PHP code via a URL in the site_absolute_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071006 idmos-phoenix cms Remote File inclusion", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/481682/100/0/threaded" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in core/aural.php in IDMOS 1.0-beta (aka Phoenix) allows remote attackers to execute arbitrary PHP code via a URL in the site_absolute_path parameter."
{ }
"name" : "4495", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/4495" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-3433", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3433" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "38633", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/38633" ]
}, },
{ "references": {
"name" : "3205", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3205" "name": "4495",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/4495"
"name" : "idmos-aural-file-include(36994)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36994" "name": "20071006 idmos-phoenix cms Remote File inclusion",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/481682/100/0/threaded"
} },
} {
"name": "3205",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3205"
},
{
"name": "38633",
"refsource": "OSVDB",
"url": "http://osvdb.org/38633"
},
{
"name": "ADV-2007-3433",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3433"
},
{
"name": "idmos-aural-file-include(36994)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36994"
}
]
}
}

230
2007/5xxx/CVE-2007-5506.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5506", "ID": "CVE-2007-5506",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packet, aka DB20."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071017 Oracle RDBMS TNS Data packet DoS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/482424/100/0/threaded" "lang": "eng",
}, "value": "The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packet, aka DB20."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "HPSBMA02133", "description": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SSRT061201", ]
"refsource" : "HP", }
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" ]
}, },
{ "references": {
"name" : "TA07-290A", "reference_data": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html"
"name" : "26108", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26108" "name": "26108",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26108"
"name" : "ADV-2007-3524", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3524" "name": "ADV-2007-3524",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3524"
"name" : "ADV-2007-3626", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3626" "name": "20071017 Oracle RDBMS TNS Data packet DoS",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/482424/100/0/threaded"
"name" : "1018823", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018823" "name": "ADV-2007-3626",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3626"
"name" : "27251", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27251" "name": "TA07-290A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-290A.html"
"name" : "27409", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27409" "name": "3244",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/3244"
"name" : "3244", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3244" "name": "SSRT061201",
} "refsource": "HP",
] "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
} },
} {
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
},
{
"name": "1018823",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018823"
},
{
"name": "27409",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27409"
},
{
"name": "27251",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27251"
}
]
}
}

170
2007/5xxx/CVE-2007-5701.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5701", "ID": "CVE-2007-5701",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Incomplete blacklist vulnerability in the Certificate Authority (CA) in IBM Lotus Domino before 7.0.3 allows local users, or attackers with physical access, to obtain sensitive information (passwords) when an administrator enters a \"ca activate\" or \"ca unlock\" command with any uppercase character, which bypasses a blacklist designed to suppress password logging, resulting in cleartext password disclosure in the console log and Admin panel."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21261095", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21261095" "lang": "eng",
}, "value": "Incomplete blacklist vulnerability in the Certificate Authority (CA) in IBM Lotus Domino before 7.0.3 allows local users, or attackers with physical access, to obtain sensitive information (passwords) when an administrator enters a \"ca activate\" or \"ca unlock\" command with any uppercase character, which bypasses a blacklist designed to suppress password logging, resulting in cleartext password disclosure in the console log and Admin panel."
{ }
"name" : "26176", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/26176" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-3598", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3598" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "40952", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/40952" ]
}, },
{ "references": {
"name" : "27321", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27321" "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21261095",
}, "refsource": "CONFIRM",
{ "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21261095"
"name" : "domino-ca-password-disclosure(37372)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37372" "name": "domino-ca-password-disclosure(37372)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37372"
} },
} {
"name": "ADV-2007-3598",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3598"
},
{
"name": "40952",
"refsource": "OSVDB",
"url": "http://osvdb.org/40952"
},
{
"name": "26176",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26176"
},
{
"name": "27321",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27321"
}
]
}
}

150
2007/5xxx/CVE-2007-5995.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5995", "ID": "CVE-2007-5995",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in examples/patExampleGen/bbcodeSource.php in patBBcode 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the example parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4621", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4621" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in examples/patExampleGen/bbcodeSource.php in patBBcode 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the example parameter."
{ }
"name" : "26416", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/26416" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-3904", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3904" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "patbbcode-bbcodesource-file-include(38425)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38425" ]
} },
] "references": {
} "reference_data": [
} {
"name": "4621",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4621"
},
{
"name": "26416",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26416"
},
{
"name": "patbbcode-bbcodesource-file-include(38425)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38425"
},
{
"name": "ADV-2007-3904",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3904"
}
]
}
}

180
2015/3xxx/CVE-2015-3815.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3815", "ID": "CVE-2015-3815",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The detect_version function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not check the length of the payload, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a packet with a crafted payload, as demonstrated by a length of zero, a different vulnerability than CVE-2015-3906."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://blog.fuzzing-project.org/11-Read-heap-overflow-invalid-memory-access-in-Wireshark-TFPA-0072015.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://blog.fuzzing-project.org/11-Read-heap-overflow-invalid-memory-access-in-Wireshark-TFPA-0072015.html" "lang": "eng",
}, "value": "The detect_version function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not check the length of the payload, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a packet with a crafted payload, as demonstrated by a length of zero, a different vulnerability than CVE-2015-3906."
{ }
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-18.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-18.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11188", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11188" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b3b1f7c3aa2233a147294bad833b748d38fba84d", ]
"refsource" : "CONFIRM", }
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b3b1f7c3aa2233a147294bad833b748d38fba84d" ]
}, },
{ "references": {
"name" : "DSA-3277", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3277" "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11188",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11188"
"name" : "GLSA-201510-03", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201510-03" "name": "DSA-3277",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3277"
"name" : "74630", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74630" "name": "74630",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/74630"
} },
} {
"name": "http://www.wireshark.org/security/wnpa-sec-2015-18.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2015-18.html"
},
{
"name": "https://blog.fuzzing-project.org/11-Read-heap-overflow-invalid-memory-access-in-Wireshark-TFPA-0072015.html",
"refsource": "MISC",
"url": "https://blog.fuzzing-project.org/11-Read-heap-overflow-invalid-memory-access-in-Wireshark-TFPA-0072015.html"
},
{
"name": "GLSA-201510-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201510-03"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b3b1f7c3aa2233a147294bad833b748d38fba84d",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b3b1f7c3aa2233a147294bad833b748d38fba84d"
}
]
}
}

140
2015/3xxx/CVE-2015-3876.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2015-3876", "ID": "CVE-2015-3876",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libstagefright in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://twitter.com/4Dgifts/statuses/649589185792339968", "description_data": [
"refsource" : "MISC", {
"url" : "http://twitter.com/4Dgifts/statuses/649589185792339968" "lang": "eng",
}, "value": "libstagefright in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file."
{ }
"name" : "https://code.google.com/p/android/issues/detail?id=182386", ]
"refsource" : "MISC", },
"url" : "https://code.google.com/p/android/issues/detail?id=182386" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1033725", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033725" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1033725",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033725"
},
{
"name": "https://code.google.com/p/android/issues/detail?id=182386",
"refsource": "MISC",
"url": "https://code.google.com/p/android/issues/detail?id=182386"
},
{
"name": "http://twitter.com/4Dgifts/statuses/649589185792339968",
"refsource": "MISC",
"url": "http://twitter.com/4Dgifts/statuses/649589185792339968"
}
]
}
}

130
2015/4xxx/CVE-2015-4085.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4085", "ID": "CVE-2015-4085",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150526 Re: CVE Request for read-only directory traversal in Etherpad frontend tests", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/05/26/3" "lang": "eng",
}, "value": "Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1."
{ }
"name" : "https://github.com/ether/etherpad-lite/commit/5409eb314c4e072b9760b8d30b985fa0bb96a006", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/ether/etherpad-lite/commit/5409eb314c4e072b9760b8d30b985fa0bb96a006" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150526 Re: CVE Request for read-only directory traversal in Etherpad frontend tests",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/26/3"
},
{
"name": "https://github.com/ether/etherpad-lite/commit/5409eb314c4e072b9760b8d30b985fa0bb96a006",
"refsource": "CONFIRM",
"url": "https://github.com/ether/etherpad-lite/commit/5409eb314c4e072b9760b8d30b985fa0bb96a006"
}
]
}
}

460
2015/4xxx/CVE-2015-4883.json
View File

@ -1,232 +1,232 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4883", "ID": "CVE-2015-4883",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3381", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3381" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201603-11", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201603-11" ]
}, },
{ "references": {
"name" : "GLSA-201603-14", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201603-14" "name": "SUSE-SU-2015:2182",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
"name" : "RHSA-2016:1430", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1430" "name": "77161",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/77161"
"name" : "RHSA-2015:2506", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2506.html" "name": "USN-2784-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2784-1"
"name" : "RHSA-2015:2507", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2507.html" "name": "openSUSE-SU-2015:1905",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
"name" : "RHSA-2015:2508", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2508.html" "name": "SUSE-SU-2015:2192",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
"name" : "RHSA-2015:2509", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2509.html" "name": "openSUSE-SU-2015:1906",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
"name" : "RHSA-2015:2518", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2518.html" "name": "RHSA-2015:2507",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
"name" : "RHSA-2015:1919", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1919.html" "name": "RHSA-2015:1928",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
"name" : "RHSA-2015:1920", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1920.html" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
"name" : "RHSA-2015:1921", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1921.html" "name": "RHSA-2016:1430",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1430"
"name" : "RHSA-2015:1926", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1926.html" "name": "RHSA-2015:2506",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
"name" : "RHSA-2015:1927", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1927.html" "name": "RHSA-2015:2509",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
"name" : "RHSA-2015:1928", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1928.html" "name": "1033884",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033884"
"name" : "SUSE-SU-2016:0113", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html" "name": "SUSE-SU-2015:2166",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
"name" : "openSUSE-SU-2016:0270", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
"name" : "SUSE-SU-2015:2166", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html" "name": "openSUSE-SU-2016:0270",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
"name" : "SUSE-SU-2015:2168", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html" "name": "RHSA-2015:1919",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
"name" : "SUSE-SU-2015:2182", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html" "name": "GLSA-201603-11",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201603-11"
"name" : "SUSE-SU-2015:2192", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html" "name": "openSUSE-SU-2015:1902",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
"name" : "SUSE-SU-2015:2216", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html" "name": "RHSA-2015:1920",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
"name" : "SUSE-SU-2015:2268", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html" "name": "RHSA-2015:2518",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2518.html"
"name" : "SUSE-SU-2015:1874", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html" "name": "GLSA-201603-14",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201603-14"
"name" : "SUSE-SU-2015:1875", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html" "name": "SUSE-SU-2015:2216",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
"name" : "openSUSE-SU-2015:1902", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html" "name": "RHSA-2015:1927",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
"name" : "openSUSE-SU-2015:1905", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html" "name": "openSUSE-SU-2015:1971",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
"name" : "openSUSE-SU-2015:1906", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html" "name": "SUSE-SU-2015:2268",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
"name" : "openSUSE-SU-2015:1971", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html" "name": "SUSE-SU-2015:2168",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
"name" : "USN-2827-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2827-1" "name": "RHSA-2015:1921",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
"name" : "USN-2784-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2784-1" "name": "SUSE-SU-2015:1874",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
"name" : "77161", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77161" "name": "DSA-3381",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3381"
"name" : "1033884", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033884" "name": "RHSA-2015:1926",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
} },
} {
"name": "SUSE-SU-2015:1875",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"name": "RHSA-2015:2508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"name": "SUSE-SU-2016:0113",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"name": "USN-2827-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2827-1"
}
]
}
}

170
2015/7xxx/CVE-2015-7225.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7225", "ID": "CVE-2015-7225",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Tinfoil Devise-two-factor before 2.0.0 does not strictly follow section 5.2 of RFC 6238 and does not \"burn\" a successfully validated one-time password (aka OTP), which allows remote or physically proximate attackers with a target user's login credentials to log in as said user by obtaining the OTP through performing a man-in-the-middle attack between the provider and verifier, or shoulder surfing, and replaying the OTP in the current time-step."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150917 Re: CVE Request: TOTP Replay Attack in Ruby library", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/09/17/2" "lang": "eng",
}, "value": "Tinfoil Devise-two-factor before 2.0.0 does not strictly follow section 5.2 of RFC 6238 and does not \"burn\" a successfully validated one-time password (aka OTP), which allows remote or physically proximate attackers with a target user's login credentials to log in as said user by obtaining the OTP through performing a man-in-the-middle attack between the provider and verifier, or shoulder surfing, and replaying the OTP in the current time-step."
{ }
"name" : "[oss-sercurity] 20150620 CVE Request: MITM & Shoulder-surfing vuln in Ruby OTP/HOTP/TOTP library \"ROPT\"", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2015/06/20/4" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798466", "description": [
"refsource" : "MISC", {
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798466" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/tinfoil/devise-two-factor/blob/master/UPGRADING.md", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/tinfoil/devise-two-factor/blob/master/UPGRADING.md" ]
}, },
{ "references": {
"name" : "https://github.com/tinfoil/devise-two-factor/issues/45#issuecomment-139335608", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/tinfoil/devise-two-factor/issues/45#issuecomment-139335608" "name": "https://github.com/tinfoil/devise-two-factor/blob/master/UPGRADING.md",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/tinfoil/devise-two-factor/blob/master/UPGRADING.md"
"name" : "76789", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76789" "name": "[oss-security] 20150917 Re: CVE Request: TOTP Replay Attack in Ruby library",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2015/09/17/2"
} },
} {
"name": "[oss-sercurity] 20150620 CVE Request: MITM & Shoulder-surfing vuln in Ruby OTP/HOTP/TOTP library \"ROPT\"",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/20/4"
},
{
"name": "76789",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76789"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798466",
"refsource": "MISC",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798466"
},
{
"name": "https://github.com/tinfoil/devise-two-factor/issues/45#issuecomment-139335608",
"refsource": "CONFIRM",
"url": "https://github.com/tinfoil/devise-two-factor/issues/45#issuecomment-139335608"
}
]
}
}

150
2015/7xxx/CVE-2015-7397.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-7397", "ID": "CVE-2015-7397",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple open redirect vulnerabilities in the Aurora starter store in IBM WebSphere Commerce 7.0 through Feature Pack 8 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referrer parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21969562", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21969562" "lang": "eng",
}, "value": "Multiple open redirect vulnerabilities in the Aurora starter store in IBM WebSphere Commerce 7.0 through Feature Pack 8 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referrer parameter."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24041142", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24041142" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JR54295", "description": [
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1JR54295" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1034640", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1034640" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24041142",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24041142"
},
{
"name": "1034640",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034640"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21969562",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969562"
},
{
"name": "JR54295",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR54295"
}
]
}
}

34
2015/7xxx/CVE-2015-7480.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7480", "ID": "CVE-2015-7480",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2015/7xxx/CVE-2015-7549.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-7549", "ID": "CVE-2015-7549",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20151214 CVE-2015-7549 Qemu: pci: msi-x: null pointer dereference issue", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/12/14/2" "lang": "eng",
}, "value": "The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method."
{ }
"name" : "http://git.qemu.org/?p=qemu.git;a=commit;h=43b11a91dd861a946b231b89b754285", ]
"refsource" : "CONFIRM", },
"url" : "http://git.qemu.org/?p=qemu.git;a=commit;h=43b11a91dd861a946b231b89b754285" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1291137", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1291137" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3471", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3471" ]
}, },
{ "references": {
"name" : "FEDORA-2016-e9bba2bb01", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175380.html" "name": "[oss-security] 20151214 CVE-2015-7549 Qemu: pci: msi-x: null pointer dereference issue",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/12/14/2"
"name" : "GLSA-201602-01", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201602-01" "name": "80761",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/80761"
"name" : "80761", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/80761" "name": "DSA-3471",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2016/dsa-3471"
} },
} {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1291137",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291137"
},
{
"name": "http://git.qemu.org/?p=qemu.git;a=commit;h=43b11a91dd861a946b231b89b754285",
"refsource": "CONFIRM",
"url": "http://git.qemu.org/?p=qemu.git;a=commit;h=43b11a91dd861a946b231b89b754285"
},
{
"name": "GLSA-201602-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201602-01"
},
{
"name": "FEDORA-2016-e9bba2bb01",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175380.html"
}
]
}
}

34
2015/8xxx/CVE-2015-8202.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8202", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8202",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

120
2015/8xxx/CVE-2015-8227.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8227", "ID": "CVE-2015-8227",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The built-in web server in Huawei VP9660 multi-point control unit with software before V200R001C30SPC700 allows remote administrators to obtain sensitive information or cause a denial of service via a crafted message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461216.htm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461216.htm" "lang": "eng",
} "value": "The built-in web server in Huawei VP9660 multi-point control unit with software before V200R001C30SPC700 allows remote administrators to obtain sensitive information or cause a denial of service via a crafted message."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461216.htm",
"refsource": "CONFIRM",
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461216.htm"
}
]
}
}

190
2015/8xxx/CVE-2015-8746.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2015-8746", "ID": "CVE-2015-8746",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted network traffic."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160105 CVE request -- linux kernel: nfs: kernel panic occurs at nfs client when nfsv4.2 migration is executed", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/01/05/9" "lang": "eng",
}, "value": "fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted network traffic."
{ }
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=18e3b739fdc826481c6a1335ce0c5b19b3d415da", ]
"refsource" : "CONFIRM", },
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=18e3b739fdc826481c6a1335ce0c5b19b3d415da" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.2", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1295802", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1295802" ]
}, },
{ "references": {
"name" : "https://github.com/torvalds/linux/commit/18e3b739fdc826481c6a1335ce0c5b19b3d415da", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/18e3b739fdc826481c6a1335ce0c5b19b3d415da" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1295802",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295802"
"name" : "RHSA-2016:2574", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2574.html" "name": "https://github.com/torvalds/linux/commit/18e3b739fdc826481c6a1335ce0c5b19b3d415da",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/torvalds/linux/commit/18e3b739fdc826481c6a1335ce0c5b19b3d415da"
"name" : "RHSA-2016:2584", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2584.html" "name": "RHSA-2016:2584",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
"name" : "1034594", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034594" "name": "RHSA-2016:2574",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
} },
} {
"name": "1034594",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034594"
},
{
"name": "[oss-security] 20160105 CVE request -- linux kernel: nfs: kernel panic occurs at nfs client when nfsv4.2 migration is executed",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/05/9"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.2"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=18e3b739fdc826481c6a1335ce0c5b19b3d415da",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=18e3b739fdc826481c6a1335ce0c5b19b3d415da"
}
]
}
}

132
2015/9xxx/CVE-2015-9053.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2017-07-01T00:00:00", "DATE_PUBLIC": "2017-07-01T00:00:00",
"ID" : "CVE-2015-9053", "ID": "CVE-2015-9053",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "All Qualcomm products", "product_name": "All Qualcomm products",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the processing of certain responses from the USIM."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer Copy without Checking Size of Input in UIM"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-07-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-07-01" "lang": "eng",
}, "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the processing of certain responses from the USIM."
{ }
"name" : "99467", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/99467" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Buffer Copy without Checking Size of Input in UIM"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99467"
}
]
}
}

130
2016/0xxx/CVE-2016-0418.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0418", "ID": "CVE-2016-0418",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2016-0414."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2016-0414."
{ }
"name" : "1034735", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034735" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "1034735",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034735"
}
]
}
}

130
2016/1xxx/CVE-2016-1111.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-1111", "ID": "CVE-2016-1111",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted Graphics State dictionary."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-273/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-273/" "lang": "eng",
}, "value": "Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted Graphics State dictionary."
{ }
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-273/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-273/"
}
]
}
}

120
2016/1xxx/CVE-2016-1342.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-1342", "ID": "CVE-2016-1342",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The device login page in Cisco FirePOWER Management Center 5.3 through 6.0.0.1 allows remote attackers to obtain potentially sensitive software-version information by reading help files, aka Bug ID CSCuy36654."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160224 Cisco FirePOWER Management Center Unauthenticated Information Disclosure Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160224-fmc" "lang": "eng",
} "value": "The device login page in Cisco FirePOWER Management Center 5.3 through 6.0.0.1 allows remote attackers to obtain potentially sensitive software-version information by reading help files, aka Bug ID CSCuy36654."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160224 Cisco FirePOWER Management Center Unauthenticated Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160224-fmc"
}
]
}
}

130
2016/5xxx/CVE-2016-5513.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-5513", "ID": "CVE-2016-5513",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via vectors related to File Manager."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via vectors related to File Manager."
{ }
"name" : "93673", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93673" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "93673",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93673"
}
]
}
}

140
2016/5xxx/CVE-2016-5538.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-5538", "ID": "CVE-2016-5538",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerability than CVE-2016-5501."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerability than CVE-2016-5501."
{ }
"name" : "93697", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93697" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037053", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037053" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "93697",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93697"
},
{
"name": "1037053",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037053"
}
]
}
}

140
2016/5xxx/CVE-2016-5618.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-5618", "ID": "CVE-2016-5618",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.2.0.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.2.0.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine."
{ }
"name" : "93682", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93682" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037051", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037051" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "93682",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93682"
},
{
"name": "1037051",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037051"
}
]
}
}

140
2016/5xxx/CVE-2016-5678.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cert@cert.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2016-5678", "ID": "CVE-2016-5678",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "40200", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/40200/" "lang": "eng",
}, "value": "NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors."
{ }
"name" : "VU#856152", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/856152" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "92318", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92318" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#856152",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/856152"
},
{
"name": "92318",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92318"
},
{
"name": "40200",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40200/"
}
]
}
}

34
2018/2xxx/CVE-2018-2243.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2243", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2243",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

158
2018/2xxx/CVE-2018-2360.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cna@sap.com", "ASSIGNER": "cna@sap.com",
"ID" : "CVE-2018-2360", "ID": "CVE-2018-2360",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SAP Startup Service", "product_name": "SAP Startup Service",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.45" "version_value": "7.45"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.49" "version_value": "7.49"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.52" "version_value": "7.52"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SAP SE" "vendor_name": "SAP SE"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for functionalities that require user identity and cause consumption of file system storage."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Missing Authentication"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/" "lang": "eng",
}, "value": "SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for functionalities that require user identity and cause consumption of file system storage."
{ }
"name" : "https://launchpad.support.sap.com/#/notes/2523961", ]
"refsource" : "CONFIRM", },
"url" : "https://launchpad.support.sap.com/#/notes/2523961" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "102448", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/102448" "lang": "eng",
} "value": "Missing Authentication"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/2523961",
"refsource": "CONFIRM",
"url": "https://launchpad.support.sap.com/#/notes/2523961"
},
{
"name": "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/",
"refsource": "CONFIRM",
"url": "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/"
},
{
"name": "102448",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102448"
}
]
}
}

34
2018/2xxx/CVE-2018-2743.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-2743", "ID": "CVE-2018-2743",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2018/2xxx/CVE-2018-2856.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2856", "ID": "CVE-2018-2856",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution). The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution). The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)."
{ }
"name" : "103812", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103812" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040693", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040693" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1040693",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040693"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "103812",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103812"
}
]
}
}

34
2019/0xxx/CVE-2019-0283.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0283", "ID": "CVE-2019-0283",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0319.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0319", "ID": "CVE-2019-0319",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0330.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0330", "ID": "CVE-2019-0330",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

154
2019/0xxx/CVE-2019-0588.json
View File

@ -1,79 +1,79 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2019-0588", "ID": "CVE-2019-0588",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Exchange Server", "product_name": "Microsoft Exchange Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2010 Service Pack 3 Update Rollup 25" "version_value": "2010 Service Pack 3 Update Rollup 25"
}, },
{ {
"version_value" : "2013 Cumulative Update 21" "version_value": "2013 Cumulative Update 21"
}, },
{ {
"version_value" : "2016 Cumulative Update 10" "version_value": "2016 Cumulative Update 10"
}, },
{ {
"version_value" : "2016 Cumulative Update 11" "version_value": "2016 Cumulative Update 11"
}, },
{ {
"version_value" : "2019" "version_value": "2019"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view permissions than intended, aka \"Microsoft Exchange Information Disclosure Vulnerability.\" This affects Microsoft Exchange Server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0588", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0588" "lang": "eng",
}, "value": "An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view permissions than intended, aka \"Microsoft Exchange Information Disclosure Vulnerability.\" This affects Microsoft Exchange Server."
{ }
"name" : "106437", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106437" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0588",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0588"
},
{
"name": "106437",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106437"
}
]
}
}

34
2019/1xxx/CVE-2019-1093.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1093", "ID": "CVE-2019-1093",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1165.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1165", "ID": "CVE-2019-1165",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1259.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1259", "ID": "CVE-2019-1259",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1402.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1402", "ID": "CVE-2019-1402",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4020.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4020", "ID": "CVE-2019-4020",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4141.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4141", "ID": "CVE-2019-4141",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4219.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4219", "ID": "CVE-2019-4219",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4568.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4568", "ID": "CVE-2019-4568",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5291.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5291", "ID": "CVE-2019-5291",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5568.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5568", "ID": "CVE-2019-5568",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2019/5xxx/CVE-2019-5923.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2019-5923", "ID": "CVE-2019-5923",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "iChain Insurance Wallet App for iOS", "product_name": "iChain Insurance Wallet App for iOS",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Version 1.3.0 and earlier" "version_value": "Version 1.3.0 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "iChain, Inc." "vendor_name": "iChain, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in iChain Insurance Wallet App for iOS Version 1.3.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Directory traversal"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.ichain.co.jp/security20190311.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.ichain.co.jp/security20190311.html" "lang": "eng",
}, "value": "Directory traversal vulnerability in iChain Insurance Wallet App for iOS Version 1.3.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
{ }
"name" : "JVN#11622218", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN11622218/index.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Directory traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#11622218",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN11622218/index.html"
},
{
"name": "https://www.ichain.co.jp/security20190311.html",
"refsource": "MISC",
"url": "https://www.ichain.co.jp/security20190311.html"
}
]
}
}

34
2019/5xxx/CVE-2019-5983.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5983", "ID": "CVE-2019-5983",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9057.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9057", "ID": "CVE-2019-9057",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9163.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9163", "ID": "CVE-2019-9163",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }