admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 04:33:31 +00:00
parent ba2d48f419
commit da00ccb184
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
68 changed files with 4552 additions and 4552 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

140
2007/0xxx/CVE-2007-0681.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0681",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrary users without providing the original password, and possibly perform other unauthorized actions, via modified values to register.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0681",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3239",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3239"
},
{
"name" : "38130",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38130"
},
{
"name" : "extcalendar-profile-security-bypass(32035)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32035"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrary users without providing the original password, and possibly perform other unauthorized actions, via modified values to register.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38130",
"refsource": "OSVDB",
"url": "http://osvdb.org/38130"
},
{
"name": "extcalendar-profile-security-bypass(32035)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32035"
},
{
"name": "3239",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3239"
}
]
}
}

180
2007/0xxx/CVE-2007-0757.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0757",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in index.php in Miguel Nunes Call of Duty 2 (CoD2) DreamStats System 4.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0757",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3251",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3251"
},
{
"name" : "20070202 true: DreamStats V 4.2=(index.php)=>Remote File Include",
"refsource" : "VIM",
"url" : "http://www.attrition.org/pipermail/vim/2007-February/001272.html"
},
{
"name" : "22371",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22371"
},
{
"name" : "ADV-2007-0479",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0479"
},
{
"name" : "33095",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33095"
},
{
"name" : "24037",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24037"
},
{
"name" : "cod2dreamstats-index-file-include(32160)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32160"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in Miguel Nunes Call of Duty 2 (CoD2) DreamStats System 4.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24037"
},
{
"name": "33095",
"refsource": "OSVDB",
"url": "http://osvdb.org/33095"
},
{
"name": "3251",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3251"
},
{
"name": "22371",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22371"
},
{
"name": "cod2dreamstats-index-file-include(32160)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32160"
},
{
"name": "20070202 true: DreamStats V 4.2=(index.php)=>Remote File Include",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-February/001272.html"
},
{
"name": "ADV-2007-0479",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0479"
}
]
}
}

150
2007/3xxx/CVE-2007-3110.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3110",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Andy Frank Beatnik 1.0 extension for Firefox allows remote attackers to inject arbitrary web script or HTML via an RSS feed. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "24324",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24324"
},
{
"name" : "36982",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36982"
},
{
"name" : "25549",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25549"
},
{
"name" : "beatnik-rss-feed-xss(34986)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34986"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Andy Frank Beatnik 1.0 extension for Firefox allows remote attackers to inject arbitrary web script or HTML via an RSS feed. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24324",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24324"
},
{
"name": "beatnik-rss-feed-xss(34986)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34986"
},
{
"name": "36982",
"refsource": "OSVDB",
"url": "http://osvdb.org/36982"
},
{
"name": "25549",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25549"
}
]
}
}

150
2007/3xxx/CVE-2007-3172.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3172",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in demo/pop3/error.php in Uebimiau Webmail allows remote attackers to determine the existence of arbitrary directories via an absolute pathname and .. (dot dot) in the selected_theme parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3172",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070528 Uebimiau Webmail Multiple Vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063629.html"
},
{
"name" : "24210",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24210"
},
{
"name" : "38337",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38337"
},
{
"name" : "uebimiau-error-directory-traversal(34555)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34555"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in demo/pop3/error.php in Uebimiau Webmail allows remote attackers to determine the existence of arbitrary directories via an absolute pathname and .. (dot dot) in the selected_theme parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38337",
"refsource": "OSVDB",
"url": "http://osvdb.org/38337"
},
{
"name": "24210",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24210"
},
{
"name": "uebimiau-error-directory-traversal(34555)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34555"
},
{
"name": "20070528 Uebimiau Webmail Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063629.html"
}
]
}
}

140
2007/3xxx/CVE-2007-3204.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3204",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in auth.php in Just For Fun Network Management System (JFFNMS) 0.8.4-pre2 allows remote attackers to execute arbitrary SQL commands via the pass parameter. NOTE: this issue reportedly exists because of an initial incomplete fix for CVE-2007-3190. The provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "37169",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37169"
},
{
"name" : "25587",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25587"
},
{
"name" : "jffnms-pass-sql-injection(34911)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34911"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in auth.php in Just For Fun Network Management System (JFFNMS) 0.8.4-pre2 allows remote attackers to execute arbitrary SQL commands via the pass parameter. NOTE: this issue reportedly exists because of an initial incomplete fix for CVE-2007-3190. The provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37169",
"refsource": "OSVDB",
"url": "http://osvdb.org/37169"
},
{
"name": "jffnms-pass-sql-injection(34911)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34911"
},
{
"name": "25587",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25587"
}
]
}
}

560
2007/3xxx/CVE-2007-3738.json
View File

@ -1,282 +1,282 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3738",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-3738",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070720 rPSA-2007-0148-1 firefox thunderbird",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/474226/100/0/threaded"
},
{
"name" : "20070724 FLEA-2007-0033-1: firefox thunderbird",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/474542/100/0/threaded"
},
{
"name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-25.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-25.html"
},
{
"name" : "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt",
"refsource" : "CONFIRM",
"url" : "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt"
},
{
"name" : "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html"
},
{
"name" : "DSA-1337",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1337"
},
{
"name" : "DSA-1338",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1338"
},
{
"name" : "DSA-1339",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1339"
},
{
"name" : "GLSA-200708-09",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml"
},
{
"name" : "HPSBUX02153",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name" : "SSRT061181",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name" : "MDKSA-2007:152",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:152"
},
{
"name" : "RHSA-2007:0722",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0722.html"
},
{
"name" : "RHSA-2007:0723",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0723.html"
},
{
"name" : "RHSA-2007:0724",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0724.html"
},
{
"name" : "20070701-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"
},
{
"name" : "103177",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1"
},
{
"name" : "201516",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1"
},
{
"name" : "SUSE-SA:2007:049",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_49_mozilla.html"
},
{
"name" : "SUSE-SA:2007:057",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_57_mozilla.html"
},
{
"name" : "USN-490-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-490-1"
},
{
"name" : "24946",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24946"
},
{
"name" : "oval:org.mitre.oval:def:9875",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9875"
},
{
"name" : "ADV-2007-2564",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2564"
},
{
"name" : "ADV-2007-4256",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/4256"
},
{
"name" : "1018414",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018414"
},
{
"name" : "26095",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26095"
},
{
"name" : "26103",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26103"
},
{
"name" : "26106",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26106"
},
{
"name" : "26107",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26107"
},
{
"name" : "25589",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25589"
},
{
"name" : "26179",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26179"
},
{
"name" : "26149",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26149"
},
{
"name" : "26151",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26151"
},
{
"name" : "26072",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26072"
},
{
"name" : "26211",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26211"
},
{
"name" : "26216",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26216"
},
{
"name" : "26204",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26204"
},
{
"name" : "26205",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26205"
},
{
"name" : "26159",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26159"
},
{
"name" : "26271",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26271"
},
{
"name" : "26258",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26258"
},
{
"name" : "26460",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26460"
},
{
"name" : "28135",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28135"
},
{
"name" : "firefox-xpcnativewrapper-code-execution(35460)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35460"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-490-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-490-1"
},
{
"name": "26107",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26107"
},
{
"name": "26179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26179"
},
{
"name": "ADV-2007-4256",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4256"
},
{
"name": "25589",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25589"
},
{
"name": "HPSBUX02153",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "MDKSA-2007:152",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:152"
},
{
"name": "GLSA-200708-09",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml"
},
{
"name": "http://www.mozilla.org/security/announce/2007/mfsa2007-25.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-25.html"
},
{
"name": "DSA-1339",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1339"
},
{
"name": "1018414",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018414"
},
{
"name": "26151",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26151"
},
{
"name": "SUSE-SA:2007:057",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_57_mozilla.html"
},
{
"name": "28135",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28135"
},
{
"name": "26216",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26216"
},
{
"name": "26103",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26103"
},
{
"name": "26072",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26072"
},
{
"name": "26149",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26149"
},
{
"name": "103177",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1"
},
{
"name": "ADV-2007-2564",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2564"
},
{
"name": "DSA-1337",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1337"
},
{
"name": "26211",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26211"
},
{
"name": "26159",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26159"
},
{
"name": "SUSE-SA:2007:049",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_49_mozilla.html"
},
{
"name": "SSRT061181",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "DSA-1338",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1338"
},
{
"name": "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt",
"refsource": "CONFIRM",
"url": "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt"
},
{
"name": "firefox-xpcnativewrapper-code-execution(35460)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35460"
},
{
"name": "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html"
},
{
"name": "26095",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26095"
},
{
"name": "oval:org.mitre.oval:def:9875",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9875"
},
{
"name": "20070724 FLEA-2007-0033-1: firefox thunderbird",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474542/100/0/threaded"
},
{
"name": "26258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26258"
},
{
"name": "24946",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24946"
},
{
"name": "26460",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26460"
},
{
"name": "26106",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26106"
},
{
"name": "20070701-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"
},
{
"name": "RHSA-2007:0724",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0724.html"
},
{
"name": "20070720 rPSA-2007-0148-1 firefox thunderbird",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474226/100/0/threaded"
},
{
"name": "RHSA-2007:0723",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0723.html"
},
{
"name": "26271",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26271"
},
{
"name": "RHSA-2007:0722",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0722.html"
},
{
"name": "201516",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1"
},
{
"name": "26204",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26204"
},
{
"name": "26205",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26205"
}
]
}
}

140
2007/3xxx/CVE-2007-3837.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3837",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in HydraIRC 0.3.151 allows remote IRC servers to cause a denial of service (application crash) via a long CTCP request message containing '%' (percent) characters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3837",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.portcullis-security.com/uplds/advisories/HydraIRC_bof-07_007.txt",
"refsource" : "MISC",
"url" : "http://www.portcullis-security.com/uplds/advisories/HydraIRC_bof-07_007.txt"
},
{
"name" : "38625",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38625"
},
{
"name" : "hydrairc-ctcp-dos(35408)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35408"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in HydraIRC 0.3.151 allows remote IRC servers to cause a denial of service (application crash) via a long CTCP request message containing '%' (percent) characters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38625",
"refsource": "OSVDB",
"url": "http://osvdb.org/38625"
},
{
"name": "hydrairc-ctcp-dos(35408)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35408"
},
{
"name": "http://www.portcullis-security.com/uplds/advisories/HydraIRC_bof-07_007.txt",
"refsource": "MISC",
"url": "http://www.portcullis-security.com/uplds/advisories/HydraIRC_bof-07_007.txt"
}
]
}
}

170
2007/3xxx/CVE-2007-3945.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3945",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3945",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070719 [ANNOUNCE] RSBAC 1.3.5 released",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/474161/100/0/threaded"
},
{
"name" : "http://download.rsbac.org/code/1.3.5/changes-1.3.5.txt",
"refsource" : "CONFIRM",
"url" : "http://download.rsbac.org/code/1.3.5/changes-1.3.5.txt"
},
{
"name" : "25001",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25001"
},
{
"name" : "ADV-2007-2610",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2610"
},
{
"name" : "26147",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26147"
},
{
"name" : "2911",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2911"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25001",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25001"
},
{
"name": "26147",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26147"
},
{
"name": "20070719 [ANNOUNCE] RSBAC 1.3.5 released",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474161/100/0/threaded"
},
{
"name": "ADV-2007-2610",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2610"
},
{
"name": "2911",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2911"
},
{
"name": "http://download.rsbac.org/code/1.3.5/changes-1.3.5.txt",
"refsource": "CONFIRM",
"url": "http://download.rsbac.org/code/1.3.5/changes-1.3.5.txt"
}
]
}
}

160
2007/4xxx/CVE-2007-4032.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4032",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in CrystalPlayer Pro 1.98 allows user-assisted remote attackers to execute arbitrary code via a long string in a .mls Playlist file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4032",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "4229",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4229"
},
{
"name" : "25083",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25083"
},
{
"name" : "38689",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38689"
},
{
"name" : "26198",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26198"
},
{
"name" : "crystalplayer-mls-bo(35625)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35625"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in CrystalPlayer Pro 1.98 allows user-assisted remote attackers to execute arbitrary code via a long string in a .mls Playlist file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4229",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4229"
},
{
"name": "crystalplayer-mls-bo(35625)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35625"
},
{
"name": "38689",
"refsource": "OSVDB",
"url": "http://osvdb.org/38689"
},
{
"name": "25083",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25083"
},
{
"name": "26198",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26198"
}
]
}
}

140
2007/4xxx/CVE-2007-4058.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4058",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll 2.2.5.42958 in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first argument to the StartProcess method."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4058",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "4244",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4244"
},
{
"name" : "25118",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25118"
},
{
"name" : "vmware-startprocess-code-execution(35673)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35673"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll 2.2.5.42958 in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first argument to the StartProcess method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "vmware-startprocess-code-execution(35673)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35673"
},
{
"name": "4244",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4244"
},
{
"name": "25118",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25118"
}
]
}
}

190
2007/4xxx/CVE-2007-4350.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4350",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the management interface in HP SiteScope 9.0 build 911 allows remote attackers to inject arbitrary web script or HTML via an SNMP trap message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-4350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20081020 Secunia Research: HP SiteScope SNMP Trap Script Insertion Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/497548/100/0/threaded"
},
{
"name" : "http://secunia.com/secunia_research/2007-84/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2007-84/"
},
{
"name" : "31816",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/31816"
},
{
"name" : "ADV-2008-2854",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/2854"
},
{
"name" : "1021068",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1021068"
},
{
"name" : "27126",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27126"
},
{
"name" : "4447",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/4447"
},
{
"name" : "sitescope-snmp-messages-xss(45958)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45958"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the management interface in HP SiteScope 9.0 build 911 allows remote attackers to inject arbitrary web script or HTML via an SNMP trap message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31816"
},
{
"name": "sitescope-snmp-messages-xss(45958)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45958"
},
{
"name": "27126",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27126"
},
{
"name": "ADV-2008-2854",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2854"
},
{
"name": "http://secunia.com/secunia_research/2007-84/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-84/"
},
{
"name": "1021068",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021068"
},
{
"name": "20081020 Secunia Research: HP SiteScope SNMP Trap Script Insertion Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497548/100/0/threaded"
},
{
"name": "4447",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4447"
}
]
}
}

170
2007/4xxx/CVE-2007-4414.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4414",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco VPN Client on Windows before 4.8.02.0010 allows local users to gain privileges by enabling the \"Start Before Logon\" (SBL) and Microsoft Dial-Up Networking options, and then interacting with the dial-up networking dialog box."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070815 Local Privilege Escalation Vulnerabilities in Cisco VPN Client",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml"
},
{
"name" : "25332",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25332"
},
{
"name" : "ADV-2007-2903",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2903"
},
{
"name" : "1018573",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1018573"
},
{
"name" : "26459",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26459"
},
{
"name" : "cisco-vpn-dialup-privilege-escalation(36029)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36029"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco VPN Client on Windows before 4.8.02.0010 allows local users to gain privileges by enabling the \"Start Before Logon\" (SBL) and Microsoft Dial-Up Networking options, and then interacting with the dial-up networking dialog box."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070815 Local Privilege Escalation Vulnerabilities in Cisco VPN Client",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml"
},
{
"name": "ADV-2007-2903",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2903"
},
{
"name": "26459",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26459"
},
{
"name": "25332",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25332"
},
{
"name": "cisco-vpn-dialup-privilege-escalation(36029)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36029"
},
{
"name": "1018573",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018573"
}
]
}
}

170
2007/4xxx/CVE-2007-4495.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4495",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the ata disk driver in Sun Solaris 10 on the x86 platform before 20070821 allows local users to cause a denial of service (system panic) via an unspecified ioctl function, aka Bug 6433124."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "102988",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102988-1"
},
{
"name" : "25389",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25389"
},
{
"name" : "ADV-2007-2933",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2933"
},
{
"name" : "36615",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36615"
},
{
"name" : "1018597",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018597"
},
{
"name" : "26558",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26558"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the ata disk driver in Sun Solaris 10 on the x86 platform before 20070821 allows local users to cause a denial of service (system panic) via an unspecified ioctl function, aka Bug 6433124."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1018597",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018597"
},
{
"name": "36615",
"refsource": "OSVDB",
"url": "http://osvdb.org/36615"
},
{
"name": "ADV-2007-2933",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2933"
},
{
"name": "102988",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102988-1"
},
{
"name": "25389",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25389"
},
{
"name": "26558",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26558"
}
]
}
}

160
2007/4xxx/CVE-2007-4549.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4549",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in ALPass 2.7 English and 3.02 Korean allow user-assisted remote attackers to execute arbitrary code via an ALPass DB (APW) file containing (1) a long file-key or (2) a \"Site Information and Folder entry\" with a ciphertext_length value much larger than the plaintext_length value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4549",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://vuln.sg/alpass27-en.html",
"refsource" : "MISC",
"url" : "http://vuln.sg/alpass27-en.html"
},
{
"name" : "25435",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25435"
},
{
"name" : "26616",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26616"
},
{
"name" : "alpass-alpass-db-file-bo(36235)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36235"
},
{
"name" : "alpass-apw-bo(36257)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36257"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in ALPass 2.7 English and 3.02 Korean allow user-assisted remote attackers to execute arbitrary code via an ALPass DB (APW) file containing (1) a long file-key or (2) a \"Site Information and Folder entry\" with a ciphertext_length value much larger than the plaintext_length value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "alpass-alpass-db-file-bo(36235)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36235"
},
{
"name": "alpass-apw-bo(36257)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36257"
},
{
"name": "http://vuln.sg/alpass27-en.html",
"refsource": "MISC",
"url": "http://vuln.sg/alpass27-en.html"
},
{
"name": "26616",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26616"
},
{
"name": "25435",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25435"
}
]
}
}

170
2007/4xxx/CVE-2007-4562.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4562",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Hitachi DABroker before 03-02-/D and Cosminexus DABroker before 02-04-/C and 03-05-/E allows remote attackers to cause a denial of service (connection prevention) by sending \"data unexpectedly through a port.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4562",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-026_e/index-e.html",
"refsource" : "CONFIRM",
"url" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-026_e/index-e.html"
},
{
"name" : "25431",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25431"
},
{
"name" : "ADV-2007-2989",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2989"
},
{
"name" : "37856",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37856"
},
{
"name" : "26592",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26592"
},
{
"name" : "hitachi-dabroker-dos(36246)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36246"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Hitachi DABroker before 03-02-/D and Cosminexus DABroker before 02-04-/C and 03-05-/E allows remote attackers to cause a denial of service (connection prevention) by sending \"data unexpectedly through a port.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26592",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26592"
},
{
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-026_e/index-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-026_e/index-e.html"
},
{
"name": "25431",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25431"
},
{
"name": "37856",
"refsource": "OSVDB",
"url": "http://osvdb.org/37856"
},
{
"name": "ADV-2007-2989",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2989"
},
{
"name": "hitachi-dabroker-dos(36246)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36246"
}
]
}
}

150
2007/6xxx/CVE-2007-6266.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6266",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in bcoos 1.0.10 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the gid parameter to modules/arcade/index.php in a show_stats action, or the lid parameter to (2) modules/myalbum/ratephoto.php or (3) modules/mylinks/ratelink.php, different vectors than CVE-2007-5104."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://lostmon.blogspot.com/2007/11/bcoops-sql-injection-and-cross-site.html",
"refsource" : "MISC",
"url" : "http://lostmon.blogspot.com/2007/11/bcoops-sql-injection-and-cross-site.html"
},
{
"name" : "26629",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26629"
},
{
"name" : "26945",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26945"
},
{
"name" : "bcoos-index-ratephoto-sql-injection(36752)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36752"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in bcoos 1.0.10 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the gid parameter to modules/arcade/index.php in a show_stats action, or the lid parameter to (2) modules/myalbum/ratephoto.php or (3) modules/mylinks/ratelink.php, different vectors than CVE-2007-5104."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26629",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26629"
},
{
"name": "bcoos-index-ratephoto-sql-injection(36752)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36752"
},
{
"name": "26945",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26945"
},
{
"name": "http://lostmon.blogspot.com/2007/11/bcoops-sql-injection-and-cross-site.html",
"refsource": "MISC",
"url": "http://lostmon.blogspot.com/2007/11/bcoops-sql-injection-and-cross-site.html"
}
]
}
}

160
2007/6xxx/CVE-2007-6316.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6316",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in BarracudaDrive Web Server before 3.8 allows remote attackers to inject arbitrary web script or HTML via the URI path in an HTTP GET request, which is activated by administrators viewing log files via the Trace page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071210 Multiple vulnerabilities in BarracudaDrive 3.7.2",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/484833/100/0/threaded"
},
{
"name" : "http://aluigi.altervista.org/adv/barradrive-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/barradrive-adv.txt"
},
{
"name" : "26805",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26805"
},
{
"name" : "28032",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28032"
},
{
"name" : "3434",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3434"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in BarracudaDrive Web Server before 3.8 allows remote attackers to inject arbitrary web script or HTML via the URI path in an HTTP GET request, which is activated by administrators viewing log files via the Trace page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20071210 Multiple vulnerabilities in BarracudaDrive 3.7.2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484833/100/0/threaded"
},
{
"name": "28032",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28032"
},
{
"name": "http://aluigi.altervista.org/adv/barradrive-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/barradrive-adv.txt"
},
{
"name": "3434",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3434"
},
{
"name": "26805",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26805"
}
]
}
}

180
2007/6xxx/CVE-2007-6405.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6405",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to download arbitrary CGI programs or scripts via a URI with an appended (1) '+' character, (2) '.' character, (3) %2e sequence (hex-encoded dot), or (4) hex-encoded character greater than 0x7f. NOTE: the %20 vector is already covered by CVE-2007-3407."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6405",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071207 Two vulnerabilities in Simple HTTPD 1.38",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/484761/100/0/threaded"
},
{
"name" : "4700",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4700"
},
{
"name" : "[shttpd-general] 20071203 Security bugs in SHTTPD",
"refsource" : "MLIST",
"url" : "http://sourceforge.net/mailarchive/forum.php?thread_name=20071203130540.6e482c20.aluigi%40autistici.org&forum_name=shttpd-general"
},
{
"name" : "http://aluigi.altervista.org/adv/shttpd-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/shttpd-adv.txt"
},
{
"name" : "26768",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26768"
},
{
"name" : "44119",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/44119"
},
{
"name" : "3457",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3457"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to download arbitrary CGI programs or scripts via a URI with an appended (1) '+' character, (2) '.' character, (3) %2e sequence (hex-encoded dot), or (4) hex-encoded character greater than 0x7f. NOTE: the %20 vector is already covered by CVE-2007-3407."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20071207 Two vulnerabilities in Simple HTTPD 1.38",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484761/100/0/threaded"
},
{
"name": "3457",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3457"
},
{
"name": "4700",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4700"
},
{
"name": "44119",
"refsource": "OSVDB",
"url": "http://osvdb.org/44119"
},
{
"name": "26768",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26768"
},
{
"name": "[shttpd-general] 20071203 Security bugs in SHTTPD",
"refsource": "MLIST",
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=20071203130540.6e482c20.aluigi%40autistici.org&forum_name=shttpd-general"
},
{
"name": "http://aluigi.altervista.org/adv/shttpd-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/shttpd-adv.txt"
}
]
}
}

170
2007/6xxx/CVE-2007-6688.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6688",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Installation application in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to \"web-accessibility protection of the storage folder.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6688",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://gallery.menalto.com/gallery_2.2.4_released",
"refsource" : "CONFIRM",
"url" : "http://gallery.menalto.com/gallery_2.2.4_released"
},
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=203217",
"refsource" : "CONFIRM",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=203217"
},
{
"name" : "GLSA-200802-04",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200802-04.xml"
},
{
"name" : "41670",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41670"
},
{
"name" : "28898",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28898"
},
{
"name" : "gallery-installation-unspecified(39987)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39987"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Installation application in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to \"web-accessibility protection of the storage folder.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://gallery.menalto.com/gallery_2.2.4_released",
"refsource": "CONFIRM",
"url": "http://gallery.menalto.com/gallery_2.2.4_released"
},
{
"name": "GLSA-200802-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200802-04.xml"
},
{
"name": "28898",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28898"
},
{
"name": "41670",
"refsource": "OSVDB",
"url": "http://osvdb.org/41670"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=203217",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=203217"
},
{
"name": "gallery-installation-unspecified(39987)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39987"
}
]
}
}

150
2010/5xxx/CVE-2010-5276.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5276",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal does not properly handle the $user object in memcache_admin, which might \"lead to a role change not being recognized until the user logs in again.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://drupal.org/node/927016",
"refsource" : "MISC",
"url" : "http://drupal.org/node/927016"
},
{
"name" : "http://drupal.org/node/926478",
"refsource" : "CONFIRM",
"url" : "http://drupal.org/node/926478"
},
{
"name" : "41663",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41663"
},
{
"name" : "ADV-2010-2543",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2543"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal does not properly handle the $user object in memcache_admin, which might \"lead to a role change not being recognized until the user logs in again.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "41663",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41663"
},
{
"name": "http://drupal.org/node/927016",
"refsource": "MISC",
"url": "http://drupal.org/node/927016"
},
{
"name": "http://drupal.org/node/926478",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/926478"
},
{
"name": "ADV-2010-2543",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2543"
}
]
}
}

500
2014/1xxx/CVE-2014-1478.json
View File

@ -1,252 +1,252 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1478",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2014-1478",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=867597",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=867597"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=911707",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=911707"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=911845",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=911845"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=916635",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=916635"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=922603",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=922603"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=924348",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=924348"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=925308",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=925308"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=932162",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=932162"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=938431",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=938431"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=939472",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=939472"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=942152",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=942152"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=942940",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=942940"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944278",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944278"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944321",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944321"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944851",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944851"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=945585",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=945585"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=946733",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=946733"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=950452",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=950452"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=953373",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=953373"
},
{
"name" : "https://8pecxstudios.com/?page_id=44080",
"refsource" : "CONFIRM",
"url" : "https://8pecxstudios.com/?page_id=44080"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name" : "GLSA-201504-01",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201504-01"
},
{
"name" : "openSUSE-SU-2014:0212",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name" : "openSUSE-SU-2014:0213",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name" : "openSUSE-SU-2014:0419",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name" : "USN-2102-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name" : "USN-2102-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name" : "65324",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65324"
},
{
"name" : "102865",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102865"
},
{
"name" : "1029717",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029717"
},
{
"name" : "1029720",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029720"
},
{
"name" : "1029721",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029721"
},
{
"name" : "56706",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56706"
},
{
"name" : "56767",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56767"
},
{
"name" : "56787",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56787"
},
{
"name" : "56888",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56888"
},
{
"name" : "56922",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56922"
},
{
"name" : "firefox-cve20141478-code-exec(90900)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90900"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1029721",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029721"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=922603",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=922603"
},
{
"name": "102865",
"refsource": "OSVDB",
"url": "http://osvdb.org/102865"
},
{
"name": "openSUSE-SU-2014:0212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
},
{
"name": "65324",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65324"
},
{
"name": "1029717",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029717"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=946733",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=946733"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=925308",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=925308"
},
{
"name": "https://8pecxstudios.com/?page_id=44080",
"refsource": "CONFIRM",
"url": "https://8pecxstudios.com/?page_id=44080"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=911707",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=911707"
},
{
"name": "56922",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56922"
},
{
"name": "56787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56787"
},
{
"name": "1029720",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029720"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=950452",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950452"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=938431",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=938431"
},
{
"name": "USN-2102-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-2"
},
{
"name": "GLSA-201504-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-01"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=945585",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=945585"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=916635",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=916635"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=867597",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=867597"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=944321",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=944321"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=942152",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=942152"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=942940",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=942940"
},
{
"name": "56888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56888"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=924348",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=924348"
},
{
"name": "openSUSE-SU-2014:0419",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=953373",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=953373"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=911845",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=911845"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=939472",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=939472"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=932162",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=932162"
},
{
"name": "firefox-cve20141478-code-exec(90900)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90900"
},
{
"name": "openSUSE-SU-2014:0213",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html"
},
{
"name": "USN-2102-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2102-1"
},
{
"name": "56767",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56767"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=944278",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=944278"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=944851",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=944851"
},
{
"name": "56706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56706"
}
]
}
}

150
2014/1xxx/CVE-2014-1814.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1814",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Windows Installer in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application that invokes the repair feature for a different application, aka \"Windows Installer Repair Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-1814",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS14-049",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-049"
},
{
"name" : "69112",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69112"
},
{
"name" : "1030719",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030719"
},
{
"name" : "60674",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60674"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows Installer in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application that invokes the repair feature for a different application, aka \"Windows Installer Repair Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030719",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030719"
},
{
"name": "MS14-049",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-049"
},
{
"name": "69112",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69112"
},
{
"name": "60674",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60674"
}
]
}
}

140
2014/5xxx/CVE-2014-5591.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5591",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Frankly Chat (aka com.chatfrankly.android) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5591",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#397081",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/397081"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Frankly Chat (aka com.chatfrankly.android) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#397081",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/397081"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2014/5xxx/CVE-2014-5711.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5711",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Microsoft Tech Companion (aka com.technet) application 1.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5711",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#318321",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/318321"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Microsoft Tech Companion (aka com.technet) application 1.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#318321",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/318321"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2014/5xxx/CVE-2014-5943.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5943",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application Beta for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5943",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#115217",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/115217"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application Beta for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#115217",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/115217"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

230
2015/2xxx/CVE-2015-2188.json
View File

@ -1,117 +1,117 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2188",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2188",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-07.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-07.html"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844"
},
{
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b204ff4846fe84b7789893c6b1d9afbdecac5b5d",
"refsource" : "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b204ff4846fe84b7789893c6b1d9afbdecac5b5d"
},
{
"name" : "http://advisories.mageia.org/MGASA-2015-0117.html",
"refsource" : "CONFIRM",
"url" : "http://advisories.mageia.org/MGASA-2015-0117.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"name" : "DSA-3210",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3210"
},
{
"name" : "GLSA-201510-03",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201510-03"
},
{
"name" : "MDVSA-2015:183",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:183"
},
{
"name" : "openSUSE-SU-2015:0489",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html"
},
{
"name" : "72942",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72942"
},
{
"name" : "1031858",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031858"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2015:0489",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0117.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0117.html"
},
{
"name": "1031858",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031858"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "MDVSA-2015:183",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:183"
},
{
"name": "DSA-3210",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3210"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
},
{
"name": "GLSA-201510-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201510-03"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2015-07.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2015-07.html"
},
{
"name": "72942",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72942"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b204ff4846fe84b7789893c6b1d9afbdecac5b5d",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b204ff4846fe84b7789893c6b1d9afbdecac5b5d"
}
]
}
}

170
2015/2xxx/CVE-2015-2295.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2295",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in system_firmware_restorefullbackup.php in the WebGUI in pfSense before 2.2.1 allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deletefile parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20150325 Arbitrary file deletion and multiple XSS vulnerabilities in pfSense",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/534987/100/0/threaded"
},
{
"name" : "36506",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/36506/"
},
{
"name" : "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html"
},
{
"name" : "https://www.htbridge.com/advisory/HTB23251",
"refsource" : "MISC",
"url" : "https://www.htbridge.com/advisory/HTB23251"
},
{
"name" : "https://www.pfsense.org/security/advisories/pfSense-SA-15_04.webgui.asc",
"refsource" : "CONFIRM",
"url" : "https://www.pfsense.org/security/advisories/pfSense-SA-15_04.webgui.asc"
},
{
"name" : "73344",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/73344"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in system_firmware_restorefullbackup.php in the WebGUI in pfSense before 2.2.1 allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deletefile parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150325 Arbitrary file deletion and multiple XSS vulnerabilities in pfSense",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534987/100/0/threaded"
},
{
"name": "https://www.pfsense.org/security/advisories/pfSense-SA-15_04.webgui.asc",
"refsource": "CONFIRM",
"url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_04.webgui.asc"
},
{
"name": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html"
},
{
"name": "73344",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73344"
},
{
"name": "https://www.htbridge.com/advisory/HTB23251",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23251"
},
{
"name": "36506",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/36506/"
}
]
}
}

130
2015/2xxx/CVE-2015-2383.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2383",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2384 and CVE-2015-2425."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-2383",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS15-065",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065"
},
{
"name" : "1032894",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032894"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2384 and CVE-2015-2425."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032894",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032894"
},
{
"name": "MS15-065",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065"
}
]
}
}

140
2015/2xxx/CVE-2015-2559.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2559",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the password of other accounts by leveraging an account with the same password hash as another account and a crafted password reset URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2559",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.drupal.org/SA-CORE-2015-001",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/SA-CORE-2015-001"
},
{
"name" : "DSA-3200",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3200"
},
{
"name" : "73219",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/73219"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the password of other accounts by leveraging an account with the same password hash as another account and a crafted password reset URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3200",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3200"
},
{
"name": "73219",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73219"
},
{
"name": "https://www.drupal.org/SA-CORE-2015-001",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/SA-CORE-2015-001"
}
]
}
}

140
2015/2xxx/CVE-2015-2971.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2971",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Seeds acmailer before 3.8.18 and 3.9.x before 3.9.12 Beta allows remote authenticated users to delete arbitrary files via a crafted string."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-2971",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.acmailer.jp/info/de.cgi?id=58",
"refsource" : "CONFIRM",
"url" : "http://www.acmailer.jp/info/de.cgi?id=58"
},
{
"name" : "JVN#64051989",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN64051989/index.html"
},
{
"name" : "JVNDB-2015-000098",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000098"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in Seeds acmailer before 3.8.18 and 3.9.x before 3.9.12 Beta allows remote authenticated users to delete arbitrary files via a crafted string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.acmailer.jp/info/de.cgi?id=58",
"refsource": "CONFIRM",
"url": "http://www.acmailer.jp/info/de.cgi?id=58"
},
{
"name": "JVN#64051989",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN64051989/index.html"
},
{
"name": "JVNDB-2015-000098",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000098"
}
]
}
}

140
2015/6xxx/CVE-2015-6316.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6316",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The default configuration of sshd_config in Cisco Mobility Services Engine (MSE) through 8.0.120.7 allows logins by the oracle account, which makes it easier for remote attackers to obtain access by entering this account's hardcoded password in an SSH session, aka Bug ID CSCuv40501."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20151104 Cisco Mobility Services Engine Static Credential Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-mse-cred"
},
{
"name" : "77432",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/77432"
},
{
"name" : "1034065",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034065"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of sshd_config in Cisco Mobility Services Engine (MSE) through 8.0.120.7 allows logins by the oracle account, which makes it easier for remote attackers to obtain access by entering this account's hardcoded password in an SSH session, aka Bug ID CSCuv40501."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20151104 Cisco Mobility Services Engine Static Credential Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-mse-cred"
},
{
"name": "77432",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77432"
},
{
"name": "1034065",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034065"
}
]
}
}

130
2015/6xxx/CVE-2015-6411.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6411",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides verbose responses to requests for help files, which allows remote attackers to obtain potentially sensitive version information by reading an unspecified field, aka Bug ID CSCux37061."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6411",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20151209 Cisco FirePOWER Management Center Software Version Information Disclosure Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-fmc"
},
{
"name" : "78740",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/78740"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides verbose responses to requests for help files, which allows remote attackers to obtain potentially sensitive version information by reading an unspecified field, aka Bug ID CSCux37061."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "78740",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78740"
},
{
"name": "20151209 Cisco FirePOWER Management Center Software Version Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-fmc"
}
]
}
}

140
2015/6xxx/CVE-2015-6700.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6700",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The setBackground function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-6700",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-478",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-478"
},
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"name" : "1033796",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033796"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The setBackground function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-478",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-478"
},
{
"name": "1033796",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033796"
}
]
}
}

180
2016/0xxx/CVE-2016-0231.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-0231",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading exception details in error logs."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0231",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21976392",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21976392"
},
{
"name" : "PI56757",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56757"
},
{
"name" : "PI56758",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56758"
},
{
"name" : "PI56759",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56759"
},
{
"name" : "PI56762",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56762"
},
{
"name" : "PI56763",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56763"
},
{
"name" : "PI56764",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56764"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading exception details in error logs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "PI56759",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56759"
},
{
"name": "PI56762",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56762"
},
{
"name": "PI56757",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56757"
},
{
"name": "PI56764",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56764"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21976392",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976392"
},
{
"name": "PI56758",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56758"
},
{
"name": "PI56763",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56763"
}
]
}
}

150
2016/0xxx/CVE-2016-0826.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0826",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not require use of the ICameraService::dump method for a camera service dump, which allows attackers to gain privileges via a crafted application that directly dumps, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26265403."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-0826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://source.android.com/security/bulletin/2016-03-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-03-01.html"
},
{
"name" : "https://android.googlesource.com/platform/frameworks/av/+/899823966e78552bb6dfd7772403a4f91471d2b0",
"refsource" : "CONFIRM",
"url" : "https://android.googlesource.com/platform/frameworks/av/+/899823966e78552bb6dfd7772403a4f91471d2b0"
},
{
"name" : "https://android.googlesource.com/platform/frameworks/av/+/c9ab2b0bb05a7e19fb057e79b36e232809d70122",
"refsource" : "CONFIRM",
"url" : "https://android.googlesource.com/platform/frameworks/av/+/c9ab2b0bb05a7e19fb057e79b36e232809d70122"
},
{
"name" : "84268",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84268"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not require use of the ICameraService::dump method for a camera service dump, which allows attackers to gain privileges via a crafted application that directly dumps, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26265403."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://android.googlesource.com/platform/frameworks/av/+/899823966e78552bb6dfd7772403a4f91471d2b0",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/frameworks/av/+/899823966e78552bb6dfd7772403a4f91471d2b0"
},
{
"name": "84268",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84268"
},
{
"name": "https://android.googlesource.com/platform/frameworks/av/+/c9ab2b0bb05a7e19fb057e79b36e232809d70122",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/frameworks/av/+/c9ab2b0bb05a7e19fb057e79b36e232809d70122"
},
{
"name": "http://source.android.com/security/bulletin/2016-03-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-03-01.html"
}
]
}
}

140
2016/10xxx/CVE-2016-10081.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10081",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a \"Run a plugin\" action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10081",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "41435",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/41435/"
},
{
"name" : "https://bugs.launchpad.net/shutter/+bug/1652600",
"refsource" : "CONFIRM",
"url" : "https://bugs.launchpad.net/shutter/+bug/1652600"
},
{
"name" : "95351",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95351"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a \"Run a plugin\" action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "41435",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41435/"
},
{
"name": "95351",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95351"
},
{
"name": "https://bugs.launchpad.net/shutter/+bug/1652600",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/shutter/+bug/1652600"
}
]
}
}

34
2016/10xxx/CVE-2016-10303.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10303",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10303",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

132
2016/10xxx/CVE-2016-10450.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00",
"ID" : "CVE-2016-10450",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Small Cell SoC, Snapdragon Mobile, Snapdragon Wear",
"version" : {
"version_data" : [
{
"version_value" : "FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, potential stack-based buffer overflow exist in thermal service leading to root compromise."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer Copy without Checking Size in Power"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2016-10450",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Small Cell SoC, Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value": "FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name" : "103671",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103671"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, potential stack-based buffer overflow exist in thermal service leading to root compromise."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Copy without Checking Size in Power"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

130
2016/10xxx/CVE-2016-10703.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10703",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A regular expression Denial of Service (DoS) vulnerability in the file lib/ecstatic.js of the ecstatic npm package, before version 2.0.0, allows a remote attacker to overload and crash a server by passing a maliciously crafted string."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10703",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/jfhbrook/node-ecstatic/commit/71ce93988ead4b561a8592168c72143907189f01",
"refsource" : "MISC",
"url" : "https://github.com/jfhbrook/node-ecstatic/commit/71ce93988ead4b561a8592168c72143907189f01"
},
{
"name" : "https://www.checkmarx.com/advisories/denial-of-service-dos-vulnerability-in-ecstatic-npm-package/",
"refsource" : "MISC",
"url" : "https://www.checkmarx.com/advisories/denial-of-service-dos-vulnerability-in-ecstatic-npm-package/"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A regular expression Denial of Service (DoS) vulnerability in the file lib/ecstatic.js of the ecstatic npm package, before version 2.0.0, allows a remote attacker to overload and crash a server by passing a maliciously crafted string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.checkmarx.com/advisories/denial-of-service-dos-vulnerability-in-ecstatic-npm-package/",
"refsource": "MISC",
"url": "https://www.checkmarx.com/advisories/denial-of-service-dos-vulnerability-in-ecstatic-npm-package/"
},
{
"name": "https://github.com/jfhbrook/node-ecstatic/commit/71ce93988ead4b561a8592168c72143907189f01",
"refsource": "MISC",
"url": "https://github.com/jfhbrook/node-ecstatic/commit/71ce93988ead4b561a8592168c72143907189f01"
}
]
}
}

130
2016/4xxx/CVE-2016-4546.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4546",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4546",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20160505 Re: CVE request - samsumg android phone com.samsung.android.jam.IAndroidShm binder service DoS",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/05/06/1"
},
{
"name" : "http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016",
"refsource" : "CONFIRM",
"url" : "http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016",
"refsource": "CONFIRM",
"url": "http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016"
},
{
"name": "[oss-security] 20160505 Re: CVE request - samsumg android phone com.samsung.android.jam.IAndroidShm binder service DoS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/06/1"
}
]
}
}

190
2016/4xxx/CVE-2016-4590.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2016-4590",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-4590",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20160825 WebKitGTK+ Security Advisory WSA-2016-0005",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/539295/100/0/threaded"
},
{
"name" : "http://packetstormsecurity.com/files/138502/WebKitGTK-SOP-Bypass-Information-Disclosure.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/138502/WebKitGTK-SOP-Bypass-Information-Disclosure.html"
},
{
"name" : "https://support.apple.com/HT206900",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206900"
},
{
"name" : "https://support.apple.com/HT206902",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206902"
},
{
"name" : "APPLE-SA-2016-07-18-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"
},
{
"name" : "APPLE-SA-2016-07-18-5",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00004.html"
},
{
"name" : "91835",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91835"
},
{
"name" : "1036343",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036343"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2016-07-18-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"
},
{
"name": "91835",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91835"
},
{
"name": "https://support.apple.com/HT206900",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206900"
},
{
"name": "1036343",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036343"
},
{
"name": "http://packetstormsecurity.com/files/138502/WebKitGTK-SOP-Bypass-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138502/WebKitGTK-SOP-Bypass-Information-Disclosure.html"
},
{
"name": "20160825 WebKitGTK+ Security Advisory WSA-2016-0005",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/539295/100/0/threaded"
},
{
"name": "https://support.apple.com/HT206902",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206902"
},
{
"name": "APPLE-SA-2016-07-18-5",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00004.html"
}
]
}
}

150
2016/4xxx/CVE-2016-4867.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4867",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to bypass access restriction to view unauthorized project information via the Project function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4867",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.cybozu.com/ja-jp/article/9429",
"refsource" : "CONFIRM",
"url" : "https://support.cybozu.com/ja-jp/article/9429"
},
{
"name" : "JVN#07148816",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN07148816/index.html"
},
{
"name" : "JVNDB-2016-000187",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000187.html"
},
{
"name" : "93461",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93461"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to bypass access restriction to view unauthorized project information via the Project function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2016-000187",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000187.html"
},
{
"name": "93461",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93461"
},
{
"name": "JVN#07148816",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN07148816/index.html"
},
{
"name": "https://support.cybozu.com/ja-jp/article/9429",
"refsource": "CONFIRM",
"url": "https://support.cybozu.com/ja-jp/article/9429"
}
]
}
}

232
2016/4xxx/CVE-2016-4925.json
View File

@ -1,118 +1,118 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2016-10-12T09:00",
"ID" : "CVE-2016-4925",
"STATE" : "PUBLIC",
"TITLE" : "JUNOSe: Line Card Reset: processor exception 0x68616c74 (halt) task: scheduler, upon receipt of crafted IPv6 packet"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "JunosE",
"version" : {
"version_data" : [
{
"platform" : "",
"version_value" : "10.3 prior to 10.3.3p0-15"
},
{
"platform" : "",
"version_value" : "12.3 prior to 12.3.3p0-6"
},
{
"platform" : "",
"version_value" : "13.3 prior to 13.3.3p0-1"
},
{
"platform" : "",
"version_value" : "14.3 prior to 14.3.2"
}
]
}
}
]
},
"vendor_name" : "Juniper Networks"
}
]
}
},
"configuration" : [
{
"lang" : "eng",
"value" : "This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability."
}
],
"credit" : [],
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue."
}
]
},
"exploit" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "denial of service"
}
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2016-10-12T09:00",
"ID": "CVE-2016-4925",
"STATE": "PUBLIC",
"TITLE": "JUNOSe: Line Card Reset: processor exception 0x68616c74 (halt) task: scheduler, upon receipt of crafted IPv6 packet"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "JunosE",
"version": {
"version_data": [
{
"platform": "",
"version_value": "10.3 prior to 10.3.3p0-15"
},
{
"platform": "",
"version_value": "12.3 prior to 12.3.3p0-6"
},
{
"platform": "",
"version_value": "13.3 prior to 13.3.3p0-1"
},
{
"platform": "",
"version_value": "14.3 prior to 14.3.2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://kb.juniper.net/JSA10767",
"refsource" : "CONFIRM",
"url" : "https://kb.juniper.net/JSA10767"
},
{
"name" : "93533",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93533"
},
{
"name" : "1037012",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037012"
}
]
},
"solution" : "JUNOSe releases containing the fix specifically include: 10.3.3p0-15, 12.3.3p0-6, 13.3.3p0-1, 14.3.2, 15.1.0, and all subsequent releases. Hotfixes are also available upon request.\n\nThis issue is being tracked as CQ 97413 and is visible on the Customer Support website.",
"work_around" : [
{
"lang" : "eng",
"value" : "No known workaround exists for this issue."
}
]
}
}
},
"configuration": [
{
"lang": "eng",
"value": "This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability."
}
],
"credit": [],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue."
}
]
},
"exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10767",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10767"
},
{
"name": "1037012",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037012"
},
{
"name": "93533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93533"
}
]
},
"solution": "JUNOSe releases containing the fix specifically include: 10.3.3p0-15, 12.3.3p0-6, 13.3.3p0-1, 14.3.2, 15.1.0, and all subsequent releases. Hotfixes are also available upon request.\n\nThis issue is being tracked as CQ 97413 and is visible on the Customer Support website.",
"work_around": [
{
"lang": "eng",
"value": "No known workaround exists for this issue."
}
]
}

160
2016/9xxx/CVE-2016-9082.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9082",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial of service (invalid pointer dereference) via a large svg file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9082",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20161027 Re: librsvg and cairo are causing libpng to write out-of-bounds",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/27/2"
},
{
"name" : "https://bugs.freedesktop.org/attachment.cgi?id=127421",
"refsource" : "CONFIRM",
"url" : "https://bugs.freedesktop.org/attachment.cgi?id=127421"
},
{
"name" : "https://bugs.freedesktop.org/show_bug.cgi?id=98165",
"refsource" : "CONFIRM",
"url" : "https://bugs.freedesktop.org/show_bug.cgi?id=98165"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1312337",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1312337"
},
{
"name" : "93931",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93931"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial of service (invalid pointer dereference) via a large svg file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1312337",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1312337"
},
{
"name": "https://bugs.freedesktop.org/show_bug.cgi?id=98165",
"refsource": "CONFIRM",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=98165"
},
{
"name": "93931",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93931"
},
{
"name": "[oss-security] 20161027 Re: librsvg and cairo are causing libpng to write out-of-bounds",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/27/2"
},
{
"name": "https://bugs.freedesktop.org/attachment.cgi?id=127421",
"refsource": "CONFIRM",
"url": "https://bugs.freedesktop.org/attachment.cgi?id=127421"
}
]
}
}

34
2016/9xxx/CVE-2016-9226.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9226",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-9226",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

160
2016/9xxx/CVE-2016-9275.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9275",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the _dwarf_skim_forms function in libdwarf/dwarf_macro5.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9275",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20161111 Re: libdwarf: heap-based buffer overflow in _dwarf_skim_forms (dwarf_macro5.c)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/11/11/7"
},
{
"name" : "https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-_dwarf_skim_forms-dwarf_macro5-c",
"refsource" : "MISC",
"url" : "https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-_dwarf_skim_forms-dwarf_macro5-c"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1394802",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1394802"
},
{
"name" : "https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/",
"refsource" : "CONFIRM",
"url" : "https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/"
},
{
"name" : "94284",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94284"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the _dwarf_skim_forms function in libdwarf/dwarf_macro5.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20161111 Re: libdwarf: heap-based buffer overflow in _dwarf_skim_forms (dwarf_macro5.c)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/11/7"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1394802",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1394802"
},
{
"name": "https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-_dwarf_skim_forms-dwarf_macro5-c",
"refsource": "MISC",
"url": "https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-_dwarf_skim_forms-dwarf_macro5-c"
},
{
"name": "https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/",
"refsource": "CONFIRM",
"url": "https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/"
},
{
"name": "94284",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94284"
}
]
}
}

34
2016/9xxx/CVE-2016-9507.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9507",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-9507",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

170
2016/9xxx/CVE-2016-9703.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-9703",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Identity Manager",
"version" : {
"version_data" : [
{
"version_value" : "6.0"
},
{
"version_value" : "5.0"
},
{
"version_value" : "5.1"
},
{
"version_value" : "6"
},
{
"version_value" : "7.0"
},
{
"version_value" : "7"
}
]
}
}
]
},
"vendor_name" : "IBM Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-9703",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Identity Manager",
"version": {
"version_data": [
{
"version_value": "6.0"
},
{
"version_value": "5.0"
},
{
"version_value": "5.1"
},
{
"version_value": "6"
},
{
"version_value": "7.0"
},
{
"version_value": "7"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21996761",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21996761"
},
{
"name" : "95327",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95327"
},
{
"name" : "1037765",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037765"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95327",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95327"
},
{
"name": "1037765",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037765"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21996761",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996761"
}
]
}
}

34
2019/2xxx/CVE-2019-2053.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2053",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2053",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

140
2019/2xxx/CVE-2019-2432.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2019-2432",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Argus Safety",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "8.1"
},
{
"version_affected" : "=",
"version_value" : "8.2"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications (subcomponent: Login). Supported versions that are affected are 8.1 and 8.2. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus Safety. While the vulnerability is in Oracle Argus Safety, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Argus Safety accessible data as well as unauthorized read access to a subset of Oracle Argus Safety accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus Safety. While the vulnerability is in Oracle Argus Safety, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Argus Safety accessible data as well as unauthorized read access to a subset of Oracle Argus Safety accessible data."
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2019-2432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Argus Safety",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "8.1"
},
{
"version_affected": "=",
"version_value": "8.2"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name" : "106599",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106599"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications (subcomponent: Login). Supported versions that are affected are 8.1 and 8.2. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus Safety. While the vulnerability is in Oracle Argus Safety, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Argus Safety accessible data as well as unauthorized read access to a subset of Oracle Argus Safety accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus Safety. While the vulnerability is in Oracle Argus Safety, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Argus Safety accessible data as well as unauthorized read access to a subset of Oracle Argus Safety accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "106599",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106599"
}
]
}
}

178
2019/2xxx/CVE-2019-2537.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2019-2537",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "MySQL Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "5.6.42 and prior"
},
{
"version_affected" : "=",
"version_value" : "5.7.24 and prior"
},
{
"version_affected" : "=",
"version_value" : "8.0.13 and prior"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2019-2537",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MySQL Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.6.42 and prior"
},
{
"version_affected": "=",
"version_value": "5.7.24 and prior"
},
{
"version_affected": "=",
"version_value": "8.0.13 and prior"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[debian-lts-announce] 20190201 [SECURITY] [DLA 1655-1] mariadb-10.0 security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00000.html"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20190118-0002/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20190118-0002/"
},
{
"name" : "USN-3867-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3867-1/"
},
{
"name" : "106619",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106619"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106619",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106619"
},
{
"name": "[debian-lts-announce] 20190201 [SECURITY] [DLA 1655-1] mariadb-10.0 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00000.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "USN-3867-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3867-1/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190118-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190118-0002/"
}
]
}
}

34
2019/2xxx/CVE-2019-2758.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2758",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2758",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3023.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3023",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3023",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3125.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3125",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3125",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3173.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3173",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3173",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3657.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3657",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3657",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3750.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3750",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3750",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/6xxx/CVE-2019-6385.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6385",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6385",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/6xxx/CVE-2019-6407.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6407",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6407",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/6xxx/CVE-2019-6436.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6436",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6436",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/6xxx/CVE-2019-6993.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6993",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6993",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/7xxx/CVE-2019-7051.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7051",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7051",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

120
2019/7xxx/CVE-2019-7233.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7233",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer dereference."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7233",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/uvoteam/libdoc/issues/6",
"refsource" : "MISC",
"url" : "https://github.com/uvoteam/libdoc/issues/6"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/uvoteam/libdoc/issues/6",
"refsource": "MISC",
"url": "https://github.com/uvoteam/libdoc/issues/6"
}
]
}
}

34
2019/7xxx/CVE-2019-7427.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7427",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7427",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

120
2019/7xxx/CVE-2019-7729.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7729",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to setting of insecure permissions, a malicious app could potentially succeed in retrieving video clips or still images that have been cached for clip sharing. (The Bosch Smart Home App is not affected. iOS Apps are not affected.)"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7729",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://psirt.bosch.com/Advisory/BOSCH-2019-0204.html",
"refsource" : "CONFIRM",
"url" : "https://psirt.bosch.com/Advisory/BOSCH-2019-0204.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to setting of insecure permissions, a malicious app could potentially succeed in retrieving video clips or still images that have been cached for clip sharing. (The Bosch Smart Home App is not affected. iOS Apps are not affected.)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.bosch.com/Advisory/BOSCH-2019-0204.html",
"refsource": "CONFIRM",
"url": "https://psirt.bosch.com/Advisory/BOSCH-2019-0204.html"
}
]
}
}

34
2019/8xxx/CVE-2019-8473.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8473",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8473",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8506.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8506",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8506",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

120
2019/8xxx/CVE-2019-8996.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8996",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://help.signiant.com/manager-agents/installation/release-notes/",
"refsource" : "MISC",
"url" : "https://help.signiant.com/manager-agents/installation/release-notes/"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://help.signiant.com/manager-agents/installation/release-notes/",
"refsource": "MISC",
"url": "https://help.signiant.com/manager-agents/installation/release-notes/"
}
]
}
}