admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 03:39:59 +00:00
parent ae7effc67b
commit d7eaac7029
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
71 changed files with 4746 additions and 4746 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
2007/0xxx/CVE-2007-0110.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0110",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0110",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in nidp/idff/sso in Novell Access Manager Identity Server before 3.0.0-1013 allows remote attackers to inject arbitrary web script or HTML via the IssueInstant parameter, which is not properly handled in the resulting error message."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in nidp/idff/sso in Novell Access Manager Identity Server before 3.0.0-1013 allows remote attackers to inject arbitrary web script or HTML via the IssueInstant parameter, which is not properly handled in the resulting error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://secure-support.novell.com/KanisaPlatform/Publishing/143/3615264_f.SAL_Public.html",
"refsource" : "CONFIRM",
"url" : "https://secure-support.novell.com/KanisaPlatform/Publishing/143/3615264_f.SAL_Public.html"
"name": "23654",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23654"
},
{
"name" : "21921",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21921"
"name": "31359",
"refsource": "OSVDB",
"url": "http://osvdb.org/31359"
},
{
"name" : "ADV-2007-0073",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0073"
"name": "21921",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21921"
},
{
"name" : "31359",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/31359"
"name": "ADV-2007-0073",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0073"
},
{
"name" : "1017483",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017483"
"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/143/3615264_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/143/3615264_f.SAL_Public.html"
},
{
"name" : "23654",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23654"
"name": "1017483",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017483"
}
]
}

22
2007/0xxx/CVE-2007-0234.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0234",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2007-0234",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-0243. Reason: This candidate is a duplicate of CVE-2007-0243. Notes: All CVE users should reference CVE-2007-0243 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-0243. Reason: This candidate is a duplicate of CVE-2007-0243. Notes: All CVE users should reference CVE-2007-0243 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

98
2007/0xxx/CVE-2007-0584.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0584",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0584",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in membres/membreManager.php in PhP Generic Library & Framework for comm (g-neric) allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in membres/membreManager.php in PhP Generic Library & Framework for comm (g-neric) allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070129 PhP Generic library & framework (include_path) Remote File Include Exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/458556/100/0/threaded"
"name": "22287",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22287"
},
{
"name" : "3217",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3217"
"name": "33606",
"refsource": "OSVDB",
"url": "http://osvdb.org/33606"
},
{
"name" : "22287",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22287"
"name": "ADV-2007-0394",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0394"
},
{
"name" : "ADV-2007-0394",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0394"
"name": "phpgeneric-membremanager-file-include(31895)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31895"
},
{
"name" : "33606",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33606"
"name": "3217",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3217"
},
{
"name" : "36632",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36632"
"name": "36632",
"refsource": "OSVDB",
"url": "http://osvdb.org/36632"
},
{
"name" : "phpgeneric-membremanager-file-include(31895)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31895"
"name": "20070129 PhP Generic library & framework (include_path) Remote File Include Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458556/100/0/threaded"
}
]
}

74
2007/3xxx/CVE-2007-3109.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3109",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3109",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO."
"lang": "eng",
"value": "The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070603 CERN İmage Map Dispatcher",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/470458/100/0/threaded"
"name": "20070603 CERN İmage Map Dispatcher",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470458/100/0/threaded"
},
{
"name" : "42058",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/42058"
"name": "42058",
"refsource": "OSVDB",
"url": "http://osvdb.org/42058"
},
{
"name" : "2784",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2784"
"name": "2784",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2784"
}
]
}

92
2007/3xxx/CVE-2007-3188.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3188",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3188",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in down_indir.asp in Fullaspsite GeometriX Download Portal allows remote attackers to execute arbitrary SQL commands via the id parameter."
"lang": "eng",
"value": "SQL injection vulnerability in down_indir.asp in Fullaspsite GeometriX Download Portal allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4057",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4057"
"name": "36322",
"refsource": "OSVDB",
"url": "http://osvdb.org/36322"
},
{
"name" : "24404",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24404"
"name": "geometrix-downindir-sql-injection(34791)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34791"
},
{
"name" : "ADV-2007-2124",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2124"
"name": "25576",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25576"
},
{
"name" : "36322",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36322"
"name": "ADV-2007-2124",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2124"
},
{
"name" : "25576",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25576"
"name": "24404",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24404"
},
{
"name" : "geometrix-downindir-sql-injection(34791)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34791"
"name": "4057",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4057"
}
]
}

74
2007/3xxx/CVE-2007-3485.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3485",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3485",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Yandex.Server allow remote attackers to inject arbitrary web script or HTML via the (1) query or (2) within parameter to the default URI."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Yandex.Server allow remote attackers to inject arbitrary web script or HTML via the (1) query or (2) within parameter to the default URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://websecurity.com.ua/1018/",
"refsource" : "MISC",
"url" : "http://websecurity.com.ua/1018/"
"name": "http://websecurity.com.ua/670/",
"refsource": "MISC",
"url": "http://websecurity.com.ua/670/"
},
{
"name" : "http://websecurity.com.ua/670/",
"refsource" : "MISC",
"url" : "http://websecurity.com.ua/670/"
"name": "37520",
"refsource": "OSVDB",
"url": "http://osvdb.org/37520"
},
{
"name" : "37520",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37520"
"name": "http://websecurity.com.ua/1018/",
"refsource": "MISC",
"url": "http://websecurity.com.ua/1018/"
}
]
}

92
2007/3xxx/CVE-2007-3707.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3707",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3707",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 before 20070628, when enable_query_strings is true, allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter."
"lang": "eng",
"value": "Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 before 20070628, when enable_query_strings is true, allows remote attackers to read arbitrary files via a .. (dot dot) in the c parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070708 CodeIgniter 1.5.3 vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/473190/100/0/threaded"
"name": "25991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25991"
},
{
"name" : "20070709 CodeIgniter 1.5.3 vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html"
"name": "codeigniter-index-directory-traversal(35348)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35348"
},
{
"name" : "37906",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37906"
"name": "37906",
"refsource": "OSVDB",
"url": "http://osvdb.org/37906"
},
{
"name" : "25991",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25991"
"name": "20070709 CodeIgniter 1.5.3 vulnerabilities",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html"
},
{
"name" : "2877",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2877"
"name": "20070708 CodeIgniter 1.5.3 vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/473190/100/0/threaded"
},
{
"name" : "codeigniter-index-directory-traversal(35348)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35348"
"name": "2877",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2877"
}
]
}

128
2007/3xxx/CVE-2007-3857.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3857",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3857",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 allow remote authenticated users to have an unknown impact via (a) the Oracle Text component, including (1) unspecified vectors (DB05), (2) CTXSYS.DRVXMD (DB06), (3) CTXSYS.DRI_MOVE_CTXSYS (DB07), (4) CTXSYS.DRVXMD (DB08), and (b) JavaVM (DB14)."
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 allow remote authenticated users to have an unknown impact via (a) the Oracle Text component, including (1) unspecified vectors (DB05), (2) CTXSYS.DRVXMD (DB06), (3) CTXSYS.DRI_MOVE_CTXSYS (DB07), (4) CTXSYS.DRVXMD (DB08), and (b) JavaVM (DB14)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf",
"refsource" : "MISC",
"url" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf"
"name": "SSRT061201",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html"
"name": "26114",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26114"
},
{
"name" : "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html",
"refsource" : "MISC",
"url" : "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html"
"name": "26166",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26166"
},
{
"name" : "HPSBMA02133",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html"
},
{
"name" : "SSRT061201",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143"
"name": "TA07-200A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-200A.html"
},
{
"name" : "TA07-200A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-200A.html"
"name": "ADV-2007-2562",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2562"
},
{
"name" : "ADV-2007-2562",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2562"
"name": "ADV-2007-2635",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2635"
},
{
"name" : "ADV-2007-2635",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2635"
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143"
},
{
"name" : "1018415",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018415"
"name": "oracle-cpu-july2007(35490)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35490"
},
{
"name" : "26114",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26114"
"name": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf",
"refsource": "MISC",
"url": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf"
},
{
"name" : "26166",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26166"
"name": "1018415",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018415"
},
{
"name" : "oracle-cpu-july2007(35490)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35490"
"name": "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html"
}
]
}

152
2007/3xxx/CVE-2007-3860.json
View File

@ -1,136 +1,136 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3860",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3860",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Application Express (formerly Oracle HTML DB) 2.2.0.00.32 up to 3.0.0.00.20 allows developers to have an unknown impact via unknown attack vectors, aka APEX01. NOTE: a reliable researcher states that this is SQL injection in the wwv_flow_security.check_db_password function due to insufficient checks for '\"' characters."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Application Express (formerly Oracle HTML DB) 2.2.0.00.32 up to 3.0.0.00.20 allows developers to have an unknown impact via unknown attack vectors, aka APEX01. NOTE: a reliable researcher states that this is SQL injection in the wwv_flow_security.check_db_password function due to insufficient checks for '\"' characters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070718 Oracle Security: SQL Injection in APEX CHECK_DB_PASSWORD",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/474002/100/0/threaded"
"name": "SSRT061201",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143"
},
{
"name" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf",
"refsource" : "MISC",
"url" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf"
"name": "26114",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26114"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html"
"name": "2901",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2901"
},
{
"name" : "http://www.red-database-security.com/advisory/oracle_apex_sql_injection_check_db_password.html",
"refsource" : "MISC",
"url" : "http://www.red-database-security.com/advisory/oracle_apex_sql_injection_check_db_password.html"
"name": "http://www.red-database-security.com/advisory/oracle_apex_sql_injection_check_db_password.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_apex_sql_injection_check_db_password.html"
},
{
"name" : "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html",
"refsource" : "MISC",
"url" : "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html"
"name": "26166",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26166"
},
{
"name" : "HPSBMA02133",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html"
},
{
"name" : "SSRT061201",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143"
"name": "oracle-apex-sql-injection(35499)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35499"
},
{
"name" : "TA07-200A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-200A.html"
"name": "TA07-200A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-200A.html"
},
{
"name" : "ADV-2007-2562",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2562"
"name": "ADV-2007-2562",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2562"
},
{
"name" : "ADV-2007-2635",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2635"
"name": "ADV-2007-2635",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2635"
},
{
"name" : "1018415",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018415"
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143"
},
{
"name" : "26114",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26114"
"name": "oracle-cpu-july2007(35490)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35490"
},
{
"name" : "26166",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26166"
"name": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf",
"refsource": "MISC",
"url": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf"
},
{
"name" : "2901",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2901"
"name": "1018415",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018415"
},
{
"name" : "oracle-apex-sql-injection(35499)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35499"
"name": "20070718 Oracle Security: SQL Injection in APEX CHECK_DB_PASSWORD",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474002/100/0/threaded"
},
{
"name" : "oracle-cpu-july2007(35490)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35490"
"name": "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html"
}
]
}

98
2007/4xxx/CVE-2007-4136.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4136",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-4136",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ricci daemon in Red Hat Conga 0.10.0 allows remote attackers to cause a denial of service (loss of new connections) by repeatedly sending data or attempting connections."
"lang": "eng",
"value": "The ricci daemon in Red Hat Conga 0.10.0 allows remote attackers to cause a denial of service (loss of new connections) by repeatedly sending data or attempting connections."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=336101",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=336101"
"name": "27611",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27611"
},
{
"name" : "RHSA-2007:0640",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0640.html"
"name": "RHSA-2007:0640",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0640.html"
},
{
"name" : "26393",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26393"
"name": "oval:org.mitre.oval:def:9871",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9871"
},
{
"name" : "oval:org.mitre.oval:def:9871",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9871"
"name": "26393",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26393"
},
{
"name" : "1018921",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1018921"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=336101",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=336101"
},
{
"name" : "27611",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27611"
"name": "1018921",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018921"
},
{
"name" : "rhel-congaricci-dos(38358)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38358"
"name": "rhel-congaricci-dos(38358)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38358"
}
]
}

104
2007/4xxx/CVE-2007-4207.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4207",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4207",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in admin_console/index.asp in Gallery In A Box allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password field. NOTE: these fields might be associated with the txtUsername and txtPassword parameters."
"lang": "eng",
"value": "SQL injection vulnerability in admin_console/index.asp in Gallery In A Box allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password field. NOTE: these fields might be associated with the txtUsername and txtPassword parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070802 [Aria-Security.Net] Gallery In A Box Username & Password Parameters SQL Injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/475448/100/0/threaded"
"name": "ADV-2007-2798",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2798"
},
{
"name" : "http://outlaw.aria-security.info/?p=13",
"refsource" : "MISC",
"url" : "http://outlaw.aria-security.info/?p=13"
"name": "galleryinabox-index-sql-injection(35791)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35791"
},
{
"name" : "25194",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25194"
"name": "2977",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2977"
},
{
"name" : "ADV-2007-2798",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2798"
"name": "36284",
"refsource": "OSVDB",
"url": "http://osvdb.org/36284"
},
{
"name" : "36284",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36284"
"name": "25194",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25194"
},
{
"name" : "26334",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26334"
"name": "20070802 [Aria-Security.Net] Gallery In A Box Username & Password Parameters SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475448/100/0/threaded"
},
{
"name" : "2977",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2977"
"name": "http://outlaw.aria-security.info/?p=13",
"refsource": "MISC",
"url": "http://outlaw.aria-security.info/?p=13"
},
{
"name" : "galleryinabox-index-sql-injection(35791)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35791"
"name": "26334",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26334"
}
]
}

104
2007/4xxx/CVE-2007-4282.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4282",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4282",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The \"Extended properties for entries\" (entryproperties) plugin in serendipity_event_entryproperties.php in Serendipity 1.1.3 allows remote authenticated users to bypass password protection and \"deliver custom entryproperties settings to the Serendipity Frontend\" via a certain request that modifies the password being checked."
"lang": "eng",
"value": "The \"Extended properties for entries\" (entryproperties) plugin in serendipity_event_entryproperties.php in Serendipity 1.1.3 allows remote authenticated users to bypass password protection and \"deliver custom entryproperties settings to the Serendipity Frontend\" via a certain request that modifies the password being checked."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://blog.drinsama.de/erich/en/security/2007080801-security-issue-in-serendipity.html",
"refsource" : "MISC",
"url" : "http://blog.drinsama.de/erich/en/security/2007080801-security-issue-in-serendipity.html"
"name": "25235",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25235"
},
{
"name" : "http://sourceforge.net/forum/forum.php?forum_id=722867",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/forum/forum.php?forum_id=722867"
"name": "http://blog.drinsama.de/erich/en/security/2007080801-security-issue-in-serendipity.html",
"refsource": "MISC",
"url": "http://blog.drinsama.de/erich/en/security/2007080801-security-issue-in-serendipity.html"
},
{
"name" : "http://sourceforge.net/project/shownotes.php?group_id=75065&release_id=530716",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?group_id=75065&release_id=530716"
"name": "26347",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26347"
},
{
"name" : "http://blog.s9y.org/archives/178-Serendipity-1.1.4-released,-security-bug-in-entryproperties-plugin.html",
"refsource" : "CONFIRM",
"url" : "http://blog.s9y.org/archives/178-Serendipity-1.1.4-released,-security-bug-in-entryproperties-plugin.html"
"name": "http://sourceforge.net/project/shownotes.php?group_id=75065&release_id=530716",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=75065&release_id=530716"
},
{
"name" : "25235",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25235"
"name": "36534",
"refsource": "OSVDB",
"url": "http://osvdb.org/36534"
},
{
"name" : "36534",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36534"
"name": "http://sourceforge.net/forum/forum.php?forum_id=722867",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=722867"
},
{
"name" : "26347",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26347"
"name": "http://blog.s9y.org/archives/178-Serendipity-1.1.4-released,-security-bug-in-entryproperties-plugin.html",
"refsource": "CONFIRM",
"url": "http://blog.s9y.org/archives/178-Serendipity-1.1.4-released,-security-bug-in-entryproperties-plugin.html"
},
{
"name" : "serendipity-extendedprop-security-bypass(35868)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35868"
"name": "serendipity-extendedprop-security-bypass(35868)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35868"
}
]
}

104
2007/4xxx/CVE-2007-4621.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4621",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4621",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments."
"lang": "eng",
"value": "Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20071031 IBM AIX 5.2 crontab BSS Buffer Overflow Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=612"
"name": "27437",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27437"
},
{
"name" : "ftp://aix.software.ibm.com/aix/efixes/security/crontab_ifix.tar",
"refsource" : "CONFIRM",
"url" : "ftp://aix.software.ibm.com/aix/efixes/security/crontab_ifix.tar"
"name": "26263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26263"
},
{
"name" : "IZ04832",
"refsource" : "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ04832"
"name": "aix-crontab-bo(38164)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38164"
},
{
"name" : "26263",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26263"
"name": "20071031 IBM AIX 5.2 crontab BSS Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=612"
},
{
"name" : "ADV-2007-3669",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3669"
"name": "1018871",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018871"
},
{
"name" : "1018871",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1018871"
"name": "IZ04832",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ04832"
},
{
"name" : "27437",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27437"
"name": "ftp://aix.software.ibm.com/aix/efixes/security/crontab_ifix.tar",
"refsource": "CONFIRM",
"url": "ftp://aix.software.ibm.com/aix/efixes/security/crontab_ifix.tar"
},
{
"name" : "aix-crontab-bo(38164)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38164"
"name": "ADV-2007-3669",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3669"
}
]
}

122
2007/6xxx/CVE-2007-6299.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6299",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6299",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x before 4.7.9 and 5.x before 5.4 allow remote attackers to execute arbitrary SQL commands via modules that pass input to the taxonomy_select_nodes function, as demonstrated by the (1) taxonomy_menu, (2) ajaxLoader, and (3) ubrowser contributed modules."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x before 4.7.9 and 5.x before 5.4 allow remote attackers to execute arbitrary SQL commands via modules that pass input to the taxonomy_select_nodes function, as demonstrated by the (1) taxonomy_menu, (2) ajaxLoader, and (3) ubrowser contributed modules."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://drupal.org/node/198162",
"refsource" : "CONFIRM",
"url" : "http://drupal.org/node/198162"
"name": "http://sourceforge.net/project/shownotes.php?release_id=559532",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=559532"
},
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=559532",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=559532"
"name": "26735",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26735"
},
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=559538",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=559538"
"name": "27932",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27932"
},
{
"name" : "FEDORA-2007-4136",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00190.html"
"name": "FEDORA-2007-4136",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00190.html"
},
{
"name" : "FEDORA-2007-4163",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00258.html"
"name": "27973",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27973"
},
{
"name" : "26735",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26735"
"name": "27951",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27951"
},
{
"name" : "27932",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27932"
"name": "drupal-taxonomy-sql-injection(38884)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38884"
},
{
"name" : "27951",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27951"
"name": "http://sourceforge.net/project/shownotes.php?release_id=559538",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=559538"
},
{
"name" : "27973",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27973"
"name": "vbdrupal-taxonomy-sql-injection(38886)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38886"
},
{
"name" : "drupal-taxonomy-sql-injection(38884)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38884"
"name": "http://drupal.org/node/198162",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/198162"
},
{
"name" : "vbdrupal-taxonomy-sql-injection(38886)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38886"
"name": "FEDORA-2007-4163",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00258.html"
}
]
}

476
2007/6xxx/CVE-2007-6429.json
View File

@ -1,406 +1,406 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6429",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6429",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension."
"lang": "eng",
"value": "Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080117 Multiple Vendor X Server EVI and MIT-SHM Extensions Integer Overflow Vulnerabilities",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=645"
"name": "28542",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28542"
},
{
"name" : "20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/487335/100/0/threaded"
"name": "29139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29139"
},
{
"name" : "[xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server",
"refsource" : "MLIST",
"url" : "http://lists.freedesktop.org/archives/xorg/2008-January/031918.html"
"name": "27336",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27336"
},
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=204362",
"refsource" : "CONFIRM",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=204362"
"name": "ADV-2008-0184",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0184"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm"
"name": "xorg-mitshm-overflow(39764)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39764"
},
{
"name" : "https://issues.rpath.com/browse/RPL-2010",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-2010"
"name": "29622",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29622"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm"
"name": "FEDORA-2008-0831",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.html"
},
{
"name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities",
"refsource" : "CONFIRM",
"url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities"
"name": "SUSE-SA:2008:003",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html"
},
{
"name" : "http://docs.info.apple.com/article.html?artnum=307562",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=307562"
"name": "SUSE-SR:2008:008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"
},
{
"name" : "APPLE-SA-2008-03-18",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
"name": "28532",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28532"
},
{
"name" : "DSA-1466",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1466"
"name": "29707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29707"
},
{
"name" : "FEDORA-2008-0760",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.html"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-078.htm"
},
{
"name" : "FEDORA-2008-0831",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.html"
"name": "28843",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28843"
},
{
"name" : "GLSA-200801-09",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200801-09.xml"
"name": "DSA-1466",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1466"
},
{
"name" : "GLSA-200804-05",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200804-05.xml"
"name": "20080117 Multiple Vendor X Server EVI and MIT-SHM Extensions Integer Overflow Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=645"
},
{
"name" : "GLSA-200805-07",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
"name": "28540",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28540"
},
{
"name" : "HPSBUX02381",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321"
"name": "SSRT080083",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321"
},
{
"name" : "SSRT080083",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321"
"name": "20080130 rPSA-2008-0032-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487335/100/0/threaded"
},
{
"name" : "MDVSA-2008:021",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:021"
"name": "ADV-2008-0703",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0703"
},
{
"name" : "MDVSA-2008:022",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:022"
"name": "MDVSA-2008:021",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:021"
},
{
"name" : "MDVSA-2008:023",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:023"
"name": "ADV-2008-0924",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name" : "MDVSA-2008:025",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:025"
"name": "28718",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28718"
},
{
"name" : "[4.1] 20080208 012: SECURITY FIX: February 8, 2008",
"refsource" : "OPENBSD",
"url" : "http://www.openbsd.org/errata41.html#012_xorg"
"name": "200153",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-200153-1"
},
{
"name" : "[4.2] 20080208 006: SECURITY FIX: February 8, 2008",
"refsource" : "OPENBSD",
"url" : "http://www.openbsd.org/errata42.html#006_xorg"
"name": "RHSA-2008:0029",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0029.html"
},
{
"name" : "RHSA-2008:0029",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0029.html"
"name": "28584",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28584"
},
{
"name" : "RHSA-2008:0030",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0030.html"
"name": "oval:org.mitre.oval:def:11045",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11045"
},
{
"name" : "RHSA-2008:0031",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0031.html"
"name": "[4.1] 20080208 012: SECURITY FIX: February 8, 2008",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata41.html#012_xorg"
},
{
"name" : "103200",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103200-1"
"name": "28941",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28941"
},
{
"name" : "200153",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-200153-1"
"name": "28592",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28592"
},
{
"name" : "SUSE-SA:2008:003",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00004.html"
"name": "27350",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27350"
},
{
"name" : "SUSE-SR:2008:003",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
"name": "HPSBUX02381",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01543321"
},
{
"name" : "SUSE-SR:2008:008",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-039.htm"
},
{
"name" : "USN-571-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/571-1/"
"name": "29420",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29420"
},
{
"name" : "27336",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/27336"
"name": "MDVSA-2008:022",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:022"
},
{
"name" : "27350",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/27350"
"name": "APPLE-SA-2008-03-18",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name" : "27353",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/27353"
"name": "xorg-evi-bo(39763)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39763"
},
{
"name" : "oval:org.mitre.oval:def:11045",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11045"
"name": "30161",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30161"
},
{
"name" : "32545",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/32545"
"name": "GLSA-200805-07",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
},
{
"name" : "ADV-2008-0179",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0179"
"name": "RHSA-2008:0030",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0030.html"
},
{
"name" : "ADV-2008-0184",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0184"
"name": "28543",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28543"
},
{
"name" : "ADV-2008-0497",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0497/references"
"name": "28273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28273"
},
{
"name" : "ADV-2008-0703",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0703"
"name": "RHSA-2008:0031",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0031.html"
},
{
"name" : "ADV-2008-0924",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0924/references"
"name": "28550",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28550"
},
{
"name" : "1019232",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1019232"
"name": "ADV-2008-0497",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0497/references"
},
{
"name" : "28532",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28532"
"name": "http://bugs.gentoo.org/show_bug.cgi?id=204362",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=204362"
},
{
"name" : "28535",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28535"
"name": "27353",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27353"
},
{
"name" : "28536",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28536"
"name": "MDVSA-2008:023",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:023"
},
{
"name" : "28539",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28539"
"name": "28885",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28885"
},
{
"name" : "28540",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28540"
"name": "103200",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103200-1"
},
{
"name" : "28542",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28542"
"name": "MDVSA-2008:025",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:025"
},
{
"name" : "28543",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28543"
"name": "USN-571-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/571-1/"
},
{
"name" : "28550",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28550"
"name": "GLSA-200804-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-05.xml"
},
{
"name" : "28273",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28273"
"name": "28535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28535"
},
{
"name" : "28592",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28592"
"name": "ADV-2008-3000",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3000"
},
{
"name" : "28616",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28616"
"name": "http://docs.info.apple.com/article.html?artnum=307562",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name" : "28584",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28584"
"name": "[xorg] 20080117 X.Org security advisory: multiple vulnerabilities in the X server",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/xorg/2008-January/031918.html"
},
{
"name" : "28693",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28693"
"name": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities",
"refsource": "CONFIRM",
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/ijhifoeblist?mode=7&heading=AIX61&path=/200802/SECURITY/20080227/datafile112539&label=AIX%20X%20server%20multiple%20vulnerabilities"
},
{
"name" : "28718",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28718"
"name": "32545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32545"
},
{
"name" : "28838",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28838"
"name": "28838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28838"
},
{
"name" : "28843",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28843"
"name": "1019232",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019232"
},
{
"name" : "28885",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28885"
"name": "https://issues.rpath.com/browse/RPL-2010",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2010"
},
{
"name" : "28941",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28941"
"name": "[4.2] 20080208 006: SECURITY FIX: February 8, 2008",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata42.html#006_xorg"
},
{
"name" : "29139",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29139"
"name": "28539",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28539"
},
{
"name" : "29420",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29420"
"name": "SUSE-SR:2008:003",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
},
{
"name" : "29622",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29622"
"name": "28616",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28616"
},
{
"name" : "29707",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29707"
"name": "FEDORA-2008-0760",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.html"
},
{
"name" : "30161",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30161"
"name": "28536",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28536"
},
{
"name" : "ADV-2008-3000",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/3000"
"name": "28693",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28693"
},
{
"name" : "xorg-evi-bo(39763)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39763"
"name": "GLSA-200801-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200801-09.xml"
},
{
"name" : "xorg-mitshm-overflow(39764)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39764"
"name": "ADV-2008-0179",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0179"
}
]
}

152
2007/6xxx/CVE-2007-6454.json
View File

@ -1,136 +1,136 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6454",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6454",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request."
"lang": "eng",
"value": "Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20071217 Heap overflow in PeerCast 0.1217",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/485199/100/0/threaded"
"name": "GLSA-200801-22",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200801-22.xml"
},
{
"name" : "http://aluigi.altervista.org/adv/peercasthof-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/peercasthof-adv.txt"
"name": "26899",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26899"
},
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300",
"refsource" : "MISC",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300"
"name": "http://bugs.gentoo.org/show_bug.cgi?id=202747",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202747"
},
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=202747",
"refsource" : "MISC",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=202747"
"name": "28719",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28719"
},
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=202747",
"refsource" : "CONFIRM",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=202747"
"name": "peercast-handshakehttp-bo(39075)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39075"
},
{
"name" : "DSA-1441",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1441"
"name": "DSA-1583",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1583"
},
{
"name" : "DSA-1583",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1583"
"name": "28120",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28120"
},
{
"name" : "GLSA-200801-22",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200801-22.xml"
"name": "30325",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30325"
},
{
"name" : "26899",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26899"
"name": "20071217 Heap overflow in PeerCast 0.1217",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485199/100/0/threaded"
},
{
"name" : "ADV-2007-4246",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/4246"
"name": "28260",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28260"
},
{
"name" : "28120",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28120"
"name": "DSA-1441",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1441"
},
{
"name" : "28260",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28260"
"name": "http://bugs.gentoo.org/show_bug.cgi?id=202747",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=202747"
},
{
"name" : "28719",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28719"
"name": "http://aluigi.altervista.org/adv/peercasthof-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/peercasthof-adv.txt"
},
{
"name" : "30325",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30325"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457300"
},
{
"name" : "3461",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3461"
"name": "ADV-2007-4246",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4246"
},
{
"name" : "peercast-handshakehttp-bo(39075)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39075"
"name": "3461",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3461"
}
]
}

206
2007/6xxx/CVE-2007-6698.json
View File

@ -1,181 +1,181 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6698",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6698",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a double free vulnerability."
"lang": "eng",
"value": "The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a double free vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080212 rPSA-2008-0059-1 openldap openldap-clients openldap-servers",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/488242/100/200/threaded"
"name": "SUSE-SR:2008:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html"
},
{
"name" : "[openldap-bugs] 20070411 (ITS#4925) Modify operation with NOOP control on a BDB backend causes slapd to crash",
"refsource" : "MLIST",
"url" : "http://www.openldap.org/lists/openldap-bugs/200704/msg00067.html"
"name": "MDVSA-2008:058",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
},
{
"name" : "[openldap-bugs] 20070411 Re: (ITS#4925) Modify operation with NOOP control on a BDB backend causes slapd to crash",
"refsource" : "MLIST",
"url" : "http://www.openldap.org/lists/openldap-bugs/200704/msg00068.html"
"name": "29225",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29225"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=431203",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=431203"
"name": "1019480",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019480"
},
{
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059",
"refsource" : "CONFIRM",
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059"
"name": "[openldap-bugs] 20070411 (ITS#4925) Modify operation with NOOP control on a BDB backend causes slapd to crash",
"refsource": "MLIST",
"url": "http://www.openldap.org/lists/openldap-bugs/200704/msg00067.html"
},
{
"name" : "http://wiki.rpath.com/Advisories:rPSA-2008-0059",
"refsource" : "CONFIRM",
"url" : "http://wiki.rpath.com/Advisories:rPSA-2008-0059"
"name": "28817",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28817"
},
{
"name" : "http://support.apple.com/kb/HT3937",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT3937"
"name": "http://wiki.rpath.com/Advisories:rPSA-2008-0059",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0059"
},
{
"name" : "APPLE-SA-2009-11-09-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
"name": "29682",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29682"
},
{
"name" : "DSA-1541",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1541"
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059"
},
{
"name" : "FEDORA-2008-1307",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00105.html"
"name": "29256",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29256"
},
{
"name" : "MDVSA-2008:058",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:058"
"name": "20080212 rPSA-2008-0059-1 openldap openldap-clients openldap-servers",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488242/100/200/threaded"
},
{
"name" : "RHSA-2008:0110",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0110.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=431203",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431203"
},
{
"name" : "SUSE-SR:2008:010",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html"
"name": "29068",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29068"
},
{
"name" : "USN-584-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-584-1"
"name": "USN-584-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-584-1"
},
{
"name" : "26245",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26245"
"name": "RHSA-2008:0110",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0110.html"
},
{
"name" : "oval:org.mitre.oval:def:10748",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10748"
"name": "28953",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28953"
},
{
"name" : "1019480",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1019480"
"name": "DSA-1541",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1541"
},
{
"name" : "28817",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28817"
"name": "oval:org.mitre.oval:def:10748",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10748"
},
{
"name" : "28953",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28953"
"name": "FEDORA-2008-1307",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00105.html"
},
{
"name" : "29068",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29068"
"name": "[openldap-bugs] 20070411 Re: (ITS#4925) Modify operation with NOOP control on a BDB backend causes slapd to crash",
"refsource": "MLIST",
"url": "http://www.openldap.org/lists/openldap-bugs/200704/msg00068.html"
},
{
"name" : "29225",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29225"
"name": "ADV-2009-3184",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"name" : "29256",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29256"
"name": "APPLE-SA-2009-11-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name" : "29682",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29682"
"name": "29957",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29957"
},
{
"name" : "29957",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29957"
"name": "26245",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26245"
},
{
"name" : "ADV-2009-3184",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/3184"
"name": "http://support.apple.com/kb/HT3937",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3937"
}
]
}

74
2010/5xxx/CVE-2010-5020.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5020",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5020",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the page parameter."
"lang": "eng",
"value": "SQL injection vulnerability in index.php in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the page parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "13945",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/13945"
"name": "41014",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41014"
},
{
"name" : "41014",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/41014"
"name": "13945",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/13945"
},
{
"name" : "31871",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31871"
"name": "31871",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31871"
}
]
}

68
2010/5xxx/CVE-2010-5198.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5198",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5198",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple untrusted search path vulnerabilities in Intuit QuickBooks 2010 allow local users to gain privileges via a Trojan horse (1) dbicudtx11.dll, (2) mfc90enu.dll, or (3) mfc90loc.dll file in the current working directory, as demonstrated by a directory that contains a .des, .qbo, or .qpg file. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Multiple untrusted search path vulnerabilities in Intuit QuickBooks 2010 allow local users to gain privileges via a Trojan horse (1) dbicudtx11.dll, (2) mfc90enu.dll, or (3) mfc90loc.dll file in the current working directory, as demonstrated by a directory that contains a .des, .qbo, or .qpg file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/",
"refsource" : "MISC",
"url" : "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/"
"name": "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/",
"refsource": "MISC",
"url": "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/"
},
{
"name" : "41221",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41221"
"name": "41221",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41221"
}
]
}

170
2014/1xxx/CVE-2014-1488.json
View File

@ -1,151 +1,151 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1488",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1488",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js."
"lang": "eng",
"value": "The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-11.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-11.html"
"name": "65321",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65321"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=950604",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=950604"
"name": "openSUSE-SU-2014:0212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name" : "https://8pecxstudios.com/?page_id=44080",
"refsource" : "CONFIRM",
"url" : "https://8pecxstudios.com/?page_id=44080"
"name": "1029717",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029717"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-11.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-11.html"
},
{
"name" : "GLSA-201504-01",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201504-01"
"name": "https://8pecxstudios.com/?page_id=44080",
"refsource": "CONFIRM",
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name" : "SUSE-SU-2014:0248",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
"name": "56787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56787"
},
{
"name" : "openSUSE-SU-2014:0212",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
"name": "1029720",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name" : "openSUSE-SU-2014:0419",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
"name": "USN-2102-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name" : "USN-2102-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2102-1"
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name" : "USN-2102-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2102-2"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name" : "65321",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65321"
"name": "firefox-cve20141488-dos(90887)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90887"
},
{
"name" : "102875",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102875"
"name": "56888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56888"
},
{
"name" : "1029717",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029717"
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name" : "1029720",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029720"
"name": "102875",
"refsource": "OSVDB",
"url": "http://osvdb.org/102875"
},
{
"name" : "56706",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56706"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=950604",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950604"
},
{
"name" : "56767",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56767"
"name": "SUSE-SU-2014:0248",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name" : "56787",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56787"
"name": "USN-2102-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name" : "56888",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56888"
"name": "56767",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56767"
},
{
"name" : "firefox-cve20141488-dos(90887)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90887"
"name": "56706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56706"
}
]
}

248
2014/1xxx/CVE-2014-1491.json
View File

@ -1,216 +1,216 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1491",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1491",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value."
"lang": "eng",
"value": "Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
"name": "USN-2119-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2119-1"
},
{
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Dec/23"
"name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-12.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-12.html"
"name": "1029721",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=934545",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=934545"
"name": "http://hg.mozilla.org/projects/nss/rev/12c42006aed8",
"refsource": "CONFIRM",
"url": "http://hg.mozilla.org/projects/nss/rev/12c42006aed8"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
"name": "openSUSE-SU-2014:0212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
"name": "firefox-nss-cve20141491-unspecified(90886)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90886"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
"name": "1029717",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029717"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
"name": "DSA-2994",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2994"
},
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761"
"name": "65332",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65332"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
"name": "56922",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56922"
},
{
"name" : "http://hg.mozilla.org/projects/nss/rev/12c42006aed8",
"refsource" : "CONFIRM",
"url" : "http://hg.mozilla.org/projects/nss/rev/12c42006aed8"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=934545",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=934545"
},
{
"name" : "DSA-2858",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2858"
"name": "1029720",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name" : "DSA-2994",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2994"
"name": "56858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56858"
},
{
"name" : "FEDORA-2014-2041",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name" : "FEDORA-2014-2083",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
"name": "DSA-2858",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2858"
},
{
"name" : "GLSA-201504-01",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201504-01"
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name" : "SUSE-SU-2014:0248",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name" : "openSUSE-SU-2014:0212",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
"name": "USN-2102-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name" : "openSUSE-SU-2014:0213",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name" : "openSUSE-SU-2014:0419",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-12.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-12.html"
},
{
"name" : "USN-2102-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2102-1"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name" : "USN-2102-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2102-2"
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761"
},
{
"name" : "USN-2119-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2119-1"
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name" : "65332",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65332"
"name": "56888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56888"
},
{
"name" : "1029717",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029717"
"name": "FEDORA-2014-2083",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html"
},
{
"name" : "1029720",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029720"
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name" : "1029721",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029721"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name" : "56858",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56858"
"name": "FEDORA-2014-2041",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html"
},
{
"name" : "56888",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56888"
"name": "SUSE-SU-2014:0248",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
},
{
"name" : "56922",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56922"
"name": "openSUSE-SU-2014:0213",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name" : "firefox-nss-cve20141491-unspecified(90886)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90886"
"name": "USN-2102-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-1"
}
]
}

140
2014/1xxx/CVE-2014-1588.json
View File

@ -1,126 +1,126 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1588",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1588",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 34.0 and SeaMonkey before 2.31 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-83.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-83.html"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1086842",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1086842"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1013001",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1013001"
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-83.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-83.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1023158",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1023158"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1073577",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1073577"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1026037",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1026037"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1064835",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1064835"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1037830",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1037830"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1096026",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1096026"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1048517",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1048517"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1037830",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1037830"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1064835",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1064835"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1077687",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1077687"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1073577",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1073577"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1023158",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1023158"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1075546",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1075546"
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1077687",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1077687"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1086842",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1086842"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1048517",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1048517"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1096026",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1096026"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1075546",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1075546"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1026037",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1026037"
},
{
"name" : "GLSA-201504-01",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201504-01"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1013001",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1013001"
}
]
}

74
2014/1xxx/CVE-2014-1899.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1899",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1899",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x before 9.3.66.5 and 10.x before 10.1.123.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x before 9.3.66.5 and 10.x before 10.1.123.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.citrix.com/article/CTX140291",
"refsource" : "CONFIRM",
"url" : "https://support.citrix.com/article/CTX140291"
"name": "1030186",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030186"
},
{
"name" : "67177",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67177"
"name": "67177",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67177"
},
{
"name" : "1030186",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030186"
"name": "https://support.citrix.com/article/CTX140291",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX140291"
}
]
}

22
2014/5xxx/CVE-2014-5153.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5153",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5153",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2014/5xxx/CVE-2014-5529.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5529",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5529",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Gameloft library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Gameloft library for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#943033",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/943033"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#943033",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/943033"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/5xxx/CVE-2014-5549.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5549",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5549",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Puppy Slots (aka air.com.starluxstudios.PuppySlotsFree) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Puppy Slots (aka air.com.starluxstudios.PuppySlotsFree) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#397257",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/397257"
},
{
"name" : "VU#397257",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/397257"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/5xxx/CVE-2014-5561.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5561",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5561",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Word Search Free (aka air.wordSearchFree) application 4.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Word Search Free (aka air.wordSearchFree) application 4.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#147953",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/147953"
},
{
"name" : "VU#147953",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/147953"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/5xxx/CVE-2014-5614.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5614",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5614",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Love Collage - Photo Editor (aka com.etoolkit.lovecollage) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Love Collage - Photo Editor (aka com.etoolkit.lovecollage) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#737553",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/737553"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#737553",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/737553"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/5xxx/CVE-2014-5628.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5628",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5628",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Wonder Zoo - Animal rescue ! (aka com.gameloft.android.ANMP.GloftZRHM) application 1.6.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Wonder Zoo - Animal rescue ! (aka com.gameloft.android.ANMP.GloftZRHM) application 1.6.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#695577",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/695577"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#695577",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/695577"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/5xxx/CVE-2014-5674.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5674",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5674",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The PicsArt - Photo Studio (aka com.picsart.studio) application 4.5.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The PicsArt - Photo Studio (aka com.picsart.studio) application 4.5.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#989497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/989497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#989497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/989497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

22
2015/2xxx/CVE-2015-2060.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2060",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2060",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

92
2015/2xxx/CVE-2015-2279.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2279",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2279",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "cgi_test.cgi in AirLive BU-2015 with firmware 1.03.18, BU-3026 with firmware 1.43, and MD-3025 with firmware 1.81 allows remote attackers to execute arbitrary OS commands via shell metacharacters after an \"&\" (ampersand) in the write_mac write_pid, write_msn, write_tan, or write_hdv parameter."
"lang": "eng",
"value": "cgi_test.cgi in AirLive BU-2015 with firmware 1.03.18, BU-3026 with firmware 1.43, and MD-3025 with firmware 1.81 allows remote attackers to execute arbitrary OS commands via shell metacharacters after an \"&\" (ampersand) in the write_mac write_pid, write_msn, write_tan, or write_hdv parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150706 [CORE-2015-0012] - AirLive Multiple Products OS Command Injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/535938/100/0/threaded"
"name": "20150706 [CORE-2015-0012] - AirLive Multiple Products OS Command Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535938/100/0/threaded"
},
{
"name" : "37532",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/37532/"
"name": "http://packetstormsecurity.com/files/132585/AirLive-Remote-Command-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132585/AirLive-Remote-Command-Injection.html"
},
{
"name" : "20150706 [CORE-2015-0012] - AirLive Multiple Products OS Command Injection",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Jul/29"
"name": "20150706 [CORE-2015-0012] - AirLive Multiple Products OS Command Injection",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Jul/29"
},
{
"name" : "http://packetstormsecurity.com/files/132585/AirLive-Remote-Command-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/132585/AirLive-Remote-Command-Injection.html"
"name": "37532",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37532/"
},
{
"name" : "https://www.coresecurity.com/advisories/airlive-multiple-products-os-command-injection",
"refsource" : "MISC",
"url" : "https://www.coresecurity.com/advisories/airlive-multiple-products-os-command-injection"
"name": "75559",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75559"
},
{
"name" : "75559",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75559"
"name": "https://www.coresecurity.com/advisories/airlive-multiple-products-os-command-injection",
"refsource": "MISC",
"url": "https://www.coresecurity.com/advisories/airlive-multiple-products-os-command-injection"
}
]
}

104
2015/2xxx/CVE-2015-2281.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2281",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2281",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in collectoragent.exe in Fortinet Single Sign On (FSSO) before build 164 allows remote attackers to execute arbitrary code via a large PROCESS_HELLO message to the Message Dispatcher on TCP port 8000."
"lang": "eng",
"value": "Stack-based buffer overflow in collectoragent.exe in Fortinet Single Sign On (FSSO) before build 164 allows remote attackers to execute arbitrary code via a large PROCESS_HELLO message to the Message Dispatcher on TCP port 8000."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150318 [CORE-2015-0006] - Fortinet Single Sign On Stack Overflow",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/534918/100/0/threaded"
"name": "http://www.coresecurity.com/advisories/fortinet-single-sign-on-stack-overflow",
"refsource": "MISC",
"url": "http://www.coresecurity.com/advisories/fortinet-single-sign-on-stack-overflow"
},
{
"name" : "36422",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/36422/"
"name": "20150318 [CORE-2015-0006] - Fortinet Single Sign On Stack Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534918/100/0/threaded"
},
{
"name" : "20150318 [CORE-2015-0006] - Fortinet Single Sign On Stack Overflow",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Mar/111"
"name": "20150318 [CORE-2015-0006] - Fortinet Single Sign On Stack Overflow",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Mar/111"
},
{
"name" : "http://www.coresecurity.com/advisories/fortinet-single-sign-on-stack-overflow",
"refsource" : "MISC",
"url" : "http://www.coresecurity.com/advisories/fortinet-single-sign-on-stack-overflow"
"name": "http://www.fortiguard.com/advisory/2015-02-27-fsso-stack-based-buffer-overflow",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/2015-02-27-fsso-stack-based-buffer-overflow"
},
{
"name" : "http://www.fortiguard.com/advisory/FG-IR-15-006/",
"refsource" : "CONFIRM",
"url" : "http://www.fortiguard.com/advisory/FG-IR-15-006/"
"name": "http://www.fortiguard.com/advisory/FG-IR-15-006/",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/FG-IR-15-006/"
},
{
"name" : "http://www.fortiguard.com/advisory/2015-02-27-fsso-stack-based-buffer-overflow",
"refsource" : "CONFIRM",
"url" : "http://www.fortiguard.com/advisory/2015-02-27-fsso-stack-based-buffer-overflow"
"name": "73206",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73206"
},
{
"name" : "73206",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/73206"
"name": "36422",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/36422/"
},
{
"name" : "119719",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/119719"
"name": "119719",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/119719"
}
]
}

68
2015/2xxx/CVE-2015-2434.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2434",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-2434",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft XML Core Services 3.0 and 5.0 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka \"MSXML Information Disclosure Vulnerability,\" a different vulnerability than CVE-2015-2471."
"lang": "eng",
"value": "Microsoft XML Core Services 3.0 and 5.0 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka \"MSXML Information Disclosure Vulnerability,\" a different vulnerability than CVE-2015-2471."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS15-084",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-084"
"name": "1033241",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033241"
},
{
"name" : "1033241",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033241"
"name": "MS15-084",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-084"
}
]
}

74
2015/2xxx/CVE-2015-2602.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2602",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-2602",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, CVE-2015-2606, and CVE-2015-4745."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, CVE-2015-2606, and CVE-2015-4745."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-355",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-355"
"name": "75755",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75755"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name" : "75755",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75755"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-355",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-355"
}
]
}

74
2015/6xxx/CVE-2015-6477.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6477",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-6477",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Wind Farm Portal application in Nordex Control 2 (NC2) SCADA 16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Wind Farm Portal application in Nordex Control 2 (NC2) SCADA 16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20151224 Nordex Control 2 (NC2) SCADA V16 and prior versions - XSS",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Dec/117"
"name": "20151224 Nordex Control 2 (NC2) SCADA V16 and prior versions - XSS",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Dec/117"
},
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-286-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-286-01"
"name": "http://packetstormsecurity.com/files/135068/Nordex-Control-2-NC2-SCADA-16-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135068/Nordex-Control-2-NC2-SCADA-16-Cross-Site-Scripting.html"
},
{
"name" : "http://packetstormsecurity.com/files/135068/Nordex-Control-2-NC2-SCADA-16-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/135068/Nordex-Control-2-NC2-SCADA-16-Cross-Site-Scripting.html"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-286-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-286-01"
}
]
}

68
2015/6xxx/CVE-2015-6641.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6641",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2015-6641",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Bluetooth in Android 6.0 before 2016-01-01 allows remote attackers to obtain sensitive Contacts information by leveraging pairing, aka internal bug 23607427."
"lang": "eng",
"value": "Bluetooth in Android 6.0 before 2016-01-01 allows remote attackers to obtain sensitive Contacts information by leveraging pairing, aka internal bug 23607427."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://source.android.com/security/bulletin/2016-01-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-01-01.html"
"name": "1034592",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034592"
},
{
"name" : "1034592",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034592"
"name": "http://source.android.com/security/bulletin/2016-01-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-01-01.html"
}
]
}

68
2016/0xxx/CVE-2016-0471.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0471",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-0471",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote attackers to affect confidentiality via unknown vectors related to Multichannel Framework."
"lang": "eng",
"value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote attackers to affect confidentiality via unknown vectors related to Multichannel Framework."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name" : "1034720",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034720"
"name": "1034720",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034720"
}
]
}

86
2016/1000xxx/CVE-2016-1000338.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "dgh@bouncycastle.org",
"ID" : "CVE-2016-1000338",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1000338",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Bouncy Castle JCE Provider",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "1.55 and before"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "The Legion of the Bouncy Castle Inc."
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure."
"lang": "eng",
"value": "In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-461: Data Processing Errors"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[debian-lts-announce] 20180707 [SECURITY] [DLA 1418-1] bouncycastle security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html"
"name": "[debian-lts-announce] 20180707 [SECURITY] [DLA 1418-1] bouncycastle security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html"
},
{
"name" : "https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0",
"refsource" : "CONFIRM",
"url" : "https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0"
"name": "https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0",
"refsource": "CONFIRM",
"url": "https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0"
},
{
"name" : "RHSA-2018:2669",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2669"
"name": "RHSA-2018:2669",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2669"
},
{
"name" : "RHSA-2018:2927",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2927"
"name": "USN-3727-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3727-1/"
},
{
"name" : "USN-3727-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3727-1/"
"name": "RHSA-2018:2927",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2927"
}
]
}

68
2016/10xxx/CVE-2016-10041.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10041",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10041",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in Sprecher Automation SPRECON-E Service Program before 3.43 SP0. Under certain preconditions, it is possible to execute telegram simulation as a non-admin user. As prerequisites, a user must have created an online-connection, validly authenticated and authorized as administrator, and executed telegram simulation. After that, the online-connection must have been closed. Incorrect caching of client data then may lead to privilege escalation, where a subsequently acting non-admin user is permitted to do telegram simulation. In order to exploit this vulnerability, a potential attacker would need to have both a valid engineering-account in the SPRECON RBAC system as well as access to a service/maintenance computer with SPRECON-E Service Program running. Additionally, a valid admin-user must have closed the service connection beforehand without closing the program, having executed telegram simulation; the attacker then has access to the running software instance. Hence, there is no risk from external attackers."
"lang": "eng",
"value": "An issue was discovered in Sprecher Automation SPRECON-E Service Program before 3.43 SP0. Under certain preconditions, it is possible to execute telegram simulation as a non-admin user. As prerequisites, a user must have created an online-connection, validly authenticated and authorized as administrator, and executed telegram simulation. After that, the online-connection must have been closed. Incorrect caching of client data then may lead to privilege escalation, where a subsequently acting non-admin user is permitted to do telegram simulation. In order to exploit this vulnerability, a potential attacker would need to have both a valid engineering-account in the SPRECON RBAC system as well as access to a service/maintenance computer with SPRECON-E Service Program running. Additionally, a valid admin-user must have closed the service connection beforehand without closing the program, having executed telegram simulation; the attacker then has access to the running software instance. Hence, there is no risk from external attackers."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.sprecher-automation.com/en/it-security/",
"refsource" : "CONFIRM",
"url" : "https://www.sprecher-automation.com/en/it-security/"
"name": "95296",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95296"
},
{
"name" : "95296",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95296"
"name": "https://www.sprecher-automation.com/en/it-security/",
"refsource": "CONFIRM",
"url": "https://www.sprecher-automation.com/en/it-security/"
}
]
}

86
2016/10xxx/CVE-2016-10187.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10187",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10187",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript."
"lang": "eng",
"value": "The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20170129 Requesting CVE for calibre file disclosure",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2017/01/29/8"
"name": "https://bugs.launchpad.net/calibre/+bug/1651728",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/calibre/+bug/1651728"
},
{
"name" : "[oss-security] 20170131 Re: Requesting CVE for calibre file disclosure",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2017/01/31/9"
"name": "[oss-security] 20170129 Requesting CVE for calibre file disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/29/8"
},
{
"name" : "https://bugs.launchpad.net/calibre/+bug/1651728",
"refsource" : "CONFIRM",
"url" : "https://bugs.launchpad.net/calibre/+bug/1651728"
"name": "[oss-security] 20170131 Re: Requesting CVE for calibre file disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/9"
},
{
"name" : "https://github.com/kovidgoyal/calibre/commit/3a89718664cb8c",
"refsource" : "CONFIRM",
"url" : "https://github.com/kovidgoyal/calibre/commit/3a89718664cb8c"
"name": "https://github.com/kovidgoyal/calibre/commit/3a89718664cb8c",
"refsource": "CONFIRM",
"url": "https://github.com/kovidgoyal/calibre/commit/3a89718664cb8c"
},
{
"name" : "95909",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95909"
"name": "95909",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95909"
}
]
}

22
2016/10xxx/CVE-2016-10357.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10357",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-10357",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

62
2016/10xxx/CVE-2016-10740.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10740",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10740",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Various resources in Atlassian Crowd before version 2.10.1 allow remote attackers with administration rights to learn the passwords of configured LDAP directories by examining the responses to requests for these resources."
"lang": "eng",
"value": "Various resources in Atlassian Crowd before version 2.10.1 allow remote attackers with administration rights to learn the passwords of configured LDAP directories by examining the responses to requests for these resources."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://jira.atlassian.com/browse/CWD-5060",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/CWD-5060"
"name": "https://jira.atlassian.com/browse/CWD-5060",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/CWD-5060"
}
]
}

22
2016/4xxx/CVE-2016-4572.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4572",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4572",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2016/4xxx/CVE-2016-4779.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2016-4779",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-4779",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Apple Type Services (ATS) in Apple OS X before 10.12 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file."
"lang": "eng",
"value": "Apple Type Services (ATS) in Apple OS X before 10.12 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT207170",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207170"
"name": "1036858",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036858"
},
{
"name" : "APPLE-SA-2016-09-20",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
"name": "APPLE-SA-2016-09-20",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"name" : "93055",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93055"
"name": "93055",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93055"
},
{
"name" : "1036858",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036858"
"name": "https://support.apple.com/HT207170",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207170"
}
]
}

62
2016/8xxx/CVE-2016-8727.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "talos-cna@cisco.com",
"ID" : "CVE-2016-8727",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2016-8727",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client",
"version" : {
"version_data" : [
"product_name": "AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client",
"version": {
"version_data": [
{
"version_value" : "1.1"
"version_value": "1.1"
}
]
}
}
]
},
"vendor_name" : "Moxa"
"vendor_name": "Moxa"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker."
"lang": "eng",
"value": "An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "URL authentication"
"lang": "eng",
"value": "URL authentication"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.talosintelligence.com/reports/TALOS-2016-0241/",
"refsource" : "MISC",
"url" : "http://www.talosintelligence.com/reports/TALOS-2016-0241/"
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0241/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0241/"
}
]
}

68
2016/8xxx/CVE-2016-8878.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8878",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8878",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka \"Data from Faulting Address may be used as a return value starting at FOXITREADER.\""
"lang": "eng",
"value": "Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka \"Data from Faulting Address may be used as a return value starting at FOXITREADER.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource" : "CONFIRM",
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php"
"name": "93608",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93608"
},
{
"name" : "93608",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93608"
"name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource": "CONFIRM",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}
]
}

82
2016/9xxx/CVE-2016-9062.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2016-9062",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2016-9062",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected" : "<",
"version_value" : "50"
"version_affected": "<",
"version_value": "50"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
"vendor_name": "Mozilla"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Private browsing mode leaves metadata information, such as URLs, for sites visited in \"browser.db\" and \"browser.db-wal\" files within the Firefox profile after the mode is exited. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50."
"lang": "eng",
"value": "Private browsing mode leaves metadata information, such as URLs, for sites visited in \"browser.db\" and \"browser.db-wal\" files within the Firefox profile after the mode is exited. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Private browsing browser traces (Android) in browser.db and wal file"
"lang": "eng",
"value": "Private browsing browser traces (Android) in browser.db and wal file"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1294438",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1294438"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1294438",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1294438"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-89/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-89/"
"name": "94337",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94337"
},
{
"name" : "94337",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94337"
"name": "1037298",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037298"
},
{
"name" : "1037298",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037298"
"name": "https://www.mozilla.org/security/advisories/mfsa2016-89/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-89/"
}
]
}

68
2016/9xxx/CVE-2016-9256.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "f5sirt@f5.com",
"ID" : "CVE-2016-9256",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2016-9256",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "BIG-IP",
"version" : {
"version_data" : [
"product_name": "BIG-IP",
"version": {
"version_data": [
{
"version_value" : "12.1.0-12.1.2"
"version_value": "12.1.0-12.1.2"
}
]
}
}
]
},
"vendor_name" : "F5 Networks, Inc."
"vendor_name": "F5 Networks, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are changed and the time of the user's next request. This is a race condition that occurs rarely in normal usage; the typical period in which this is possible is limited to at most a few seconds after the permission change."
"lang": "eng",
"value": "In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are changed and the time of the user's next request. This is a race condition that occurs rarely in normal usage; the typical period in which this is possible is limited to at most a few seconds after the permission change."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "iControl vulnerability CVE-2016-9256"
"lang": "eng",
"value": "iControl vulnerability CVE-2016-9256"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.f5.com/csp/article/K47284724",
"refsource" : "CONFIRM",
"url" : "https://support.f5.com/csp/article/K47284724"
"name": "https://support.f5.com/csp/article/K47284724",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K47284724"
},
{
"name" : "96464",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96464"
"name": "96464",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96464"
}
]
}

22
2016/9xxx/CVE-2016-9342.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9342",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-9342",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

22
2019/2xxx/CVE-2019-2063.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2063",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2063",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/2xxx/CVE-2019-2090.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2090",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2090",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/2xxx/CVE-2019-2363.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2363",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2363",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/2xxx/CVE-2019-2920.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2920",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2920",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/2xxx/CVE-2019-2963.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2963",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2963",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3274.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3274",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3274",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3330.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3330",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3330",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3455.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3455",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3455",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3866.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3866",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3866",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3883.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3883",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3883",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/6xxx/CVE-2019-6016.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6016",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6016",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/6xxx/CVE-2019-6481.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6481",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6481",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2019/6xxx/CVE-2019-6508.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6508",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6508",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in creditease-sec insight through 2018-09-11. role_perm_delete in srcpm/app/admin/views.py allows CSRF."
"lang": "eng",
"value": "An issue was discovered in creditease-sec insight through 2018-09-11. role_perm_delete in srcpm/app/admin/views.py allows CSRF."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/creditease-sec/insight/issues/42",
"refsource" : "MISC",
"url" : "https://github.com/creditease-sec/insight/issues/42"
"name": "https://github.com/creditease-sec/insight/issues/42",
"refsource": "MISC",
"url": "https://github.com/creditease-sec/insight/issues/42"
}
]
}

22
2019/6xxx/CVE-2019-6844.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6844",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6844",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2019/7xxx/CVE-2019-7398.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7398",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7398",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c."
"lang": "eng",
"value": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/ImageMagick/ImageMagick/issues/1453",
"refsource" : "MISC",
"url" : "https://github.com/ImageMagick/ImageMagick/issues/1453"
"name": "https://github.com/ImageMagick/ImageMagick/issues/1453",
"refsource": "MISC",
"url": "https://github.com/ImageMagick/ImageMagick/issues/1453"
},
{
"name" : "106848",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106848"
"name": "106848",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106848"
}
]
}

22
2019/7xxx/CVE-2019-7407.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7407",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7407",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7440.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7440",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7440",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7940.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7940",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7940",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8033.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8033",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8033",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8222.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8222",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8222",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8420.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8420",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8420",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}