admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:12:44 +00:00
parent b433c1b256
commit dda81fc8d9
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
45 changed files with 3074 additions and 3074 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
1999/0xxx/CVE-1999-0282.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-1999-0282", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-1999-0282",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1584, CVE-1999-1586. Reason: This candidate combined references from one issue with the description from another issue. Notes: Users should consult CVE-1999-1584 and CVE-1999-1586 to obtain the appropriate name. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1584, CVE-1999-1586. Reason: This candidate combined references from one issue with the description from another issue. Notes: Users should consult CVE-1999-1584 and CVE-1999-1586 to obtain the appropriate name. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

138
1999/0xxx/CVE-1999-0849.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0849", "ID": "CVE-1999-0849",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Denial of service in BIND named via maxdname."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "CSSA-1999-034.1", "description_data": [
"refsource" : "CALDERA", {
"url" : "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt" "lang": "eng",
}, "value": "Denial of service in BIND named via maxdname."
{ }
"name" : "00194", ]
"refsource" : "SUN", },
"url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "788", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/788" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-1999-034.1",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt"
},
{
"name": "788",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/788"
},
{
"name": "00194",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194"
}
]
}
} }

148
2005/2xxx/CVE-2005-2195.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2195", "ID": "CVE-2005-2195",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service (application crash) via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability than CVE-2003-0421 and CVE-2003-0502."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050713 APPLE Darwin Streaming Server Web Admin Remote Denial of Serivce", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112126999514361&w=2" "lang": "eng",
}, "value": "Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service (application crash) via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability than CVE-2003-0421 and CVE-2003-0502."
{ }
"name" : "http://secway.org/Advisory/AD20050713.txt", ]
"refsource" : "MISC", },
"url" : "http://secway.org/Advisory/AD20050713.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1014474", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1014474" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "16056", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/16056" ]
} },
] "references": {
} "reference_data": [
{
"name": "20050713 APPLE Darwin Streaming Server Web Admin Remote Denial of Serivce",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112126999514361&w=2"
},
{
"name": "1014474",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014474"
},
{
"name": "http://secway.org/Advisory/AD20050713.txt",
"refsource": "MISC",
"url": "http://secway.org/Advisory/AD20050713.txt"
},
{
"name": "16056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16056"
}
]
}
} }

118
2005/2xxx/CVE-2005-2239.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2239", "ID": "CVE-2005-2239",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "oftpd 0.3.7 allows remote attackers to cause a denial of service via a USER command with a large number of null (\\0) characters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "1014413", "description_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1014413" "lang": "eng",
} "value": "oftpd 0.3.7 allows remote attackers to cause a denial of service via a USER command with a large number of null (\\0) characters."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1014413",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014413"
}
]
}
} }

308
2005/2xxx/CVE-2005-2266.json
View File

@ -1,157 +1,157 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2005-2266", "ID": "CVE-2005-2266",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child frame to call top.focus and other methods in a parent frame, even when the parent is in a different domain, which violates the same origin policy and allows remote attackers to steal sensitive information such as cookies and passwords from web sites whose child frames do not verify that they are in the same domain as their parents."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/mfsa2005-52.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/mfsa2005-52.html" "lang": "eng",
}, "value": "Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child frame to call top.focus and other methods in a parent frame, even when the parent is in a different domain, which violates the same origin policy and allows remote attackers to steal sensitive information such as cookies and passwords from web sites whose child frames do not verify that they are in the same domain as their parents."
{ }
"name" : "DSA-810", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2005/dsa-810" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "FLSA:160202", "description": [
"refsource" : "FEDORA", {
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2005:586", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2005-586.html" ]
}, },
{ "references": {
"name" : "RHSA-2005:587", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-587.html" "name": "15549",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/15549"
"name" : "RHSA-2005:601", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-601.html" "name": "DSA-810",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2005/dsa-810"
"name" : "SUSE-SA:2006:022", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2006_04_25.html" "name": "SUSE-SR:2005:018",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2005_18_sr.html"
"name" : "SUSE-SA:2005:045", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2005_45_mozilla.html" "name": "15553",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/15553"
"name" : "SUSE-SR:2005:018", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2005_18_sr.html" "name": "FLSA:160202",
}, "refsource": "FEDORA",
{ "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=160202"
"name" : "14242", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14242" "name": "19823",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19823"
"name" : "oval:org.mitre.oval:def:10712", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10712" "name": "RHSA-2005:587",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-587.html"
"name" : "ADV-2005-1075", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/1075" "name": "ADV-2005-1075",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2005/1075"
"name" : "oval:org.mitre.oval:def:100107", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100107" "name": "RHSA-2005:601",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-601.html"
"name" : "oval:org.mitre.oval:def:1415", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1415" "name": "15551",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/15551"
"name" : "oval:org.mitre.oval:def:773", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A773" "name": "oval:org.mitre.oval:def:100107",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100107"
"name" : "15549", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/15549" "name": "oval:org.mitre.oval:def:1415",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1415"
"name" : "15551", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/15551" "name": "SUSE-SA:2005:045",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2005_45_mozilla.html"
"name" : "15553", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/15553" "name": "14242",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/14242"
"name" : "19823", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19823" "name": "RHSA-2005:586",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-586.html"
"name" : "mozilla-frame-topfocus-xss(21332)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21332" "name": "http://www.mozilla.org/security/announce/mfsa2005-52.html",
} "refsource": "CONFIRM",
] "url": "http://www.mozilla.org/security/announce/mfsa2005-52.html"
} },
{
"name": "oval:org.mitre.oval:def:10712",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10712"
},
{
"name": "SUSE-SA:2006:022",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
},
{
"name": "oval:org.mitre.oval:def:773",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A773"
},
{
"name": "mozilla-frame-topfocus-xss(21332)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21332"
}
]
}
} }

298
2005/2xxx/CVE-2005-2710.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2710", "ID": "CVE-2005-2710",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050930 RealNetworks RealPlayer/HelixPlayer RealPix Format String Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://www.idefense.com/application/poi/display?id=311&type=vulnerabilities" "lang": "eng",
}, "value": "Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file."
{ }
"name" : "20050926 RealPlayer && HelixPlayer Remote Format String", ]
"refsource" : "FULLDISC", },
"url" : "http://marc.info/?l=full-disclosure&m=112775929608219&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20050926 RealPlayer && HelixPlayer Remote Format String Exploit", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112785544325326&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.open-security.org/advisories/13", ]
"refsource" : "MISC", }
"url" : "http://www.open-security.org/advisories/13" ]
}, },
{ "references": {
"name" : "DSA-826", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2005/dsa-826" "name": "17127",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17127"
"name" : "GLSA-200510-07", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200510-07.xml" "name": "VU#361181",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/361181"
"name" : "RHSA-2005:788", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-788.html" "name": "GLSA-200510-07",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200510-07.xml"
"name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168078", },
"refsource" : "CONFIRM", {
"url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168078" "name": "DSA-826",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2005/dsa-826"
"name" : "RHSA-2005:762", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-762.html" "name": "27",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/27"
"name" : "SUSE-SA:2005:059", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2005_59_RealPlayer.html" "name": "20050926 RealPlayer && HelixPlayer Remote Format String",
}, "refsource": "FULLDISC",
{ "url": "http://marc.info/?l=full-disclosure&m=112775929608219&w=2"
"name" : "VU#361181", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/361181" "name": "16961",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/16961"
"name" : "oval:org.mitre.oval:def:11015", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11015" "name": "RHSA-2005:788",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-788.html"
"name" : "16981", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16981" "name": "16981",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/16981"
"name" : "16954", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16954" "name": "17116",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17116"
"name" : "16961", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16961" "name": "16954",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/16954"
"name" : "17116", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17116" "name": "oval:org.mitre.oval:def:11015",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11015"
"name" : "17127", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17127" "name": "SUSE-SA:2005:059",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2005_59_RealPlayer.html"
"name" : "27", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/27" "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168078",
}, "refsource": "CONFIRM",
{ "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168078"
"name" : "41", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/41" "name": "20050930 RealNetworks RealPlayer/HelixPlayer RealPix Format String Vulnerability",
} "refsource": "IDEFENSE",
] "url": "http://www.idefense.com/application/poi/display?id=311&type=vulnerabilities"
} },
{
"name": "http://www.open-security.org/advisories/13",
"refsource": "MISC",
"url": "http://www.open-security.org/advisories/13"
},
{
"name": "41",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/41"
},
{
"name": "RHSA-2005:762",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-762.html"
},
{
"name": "20050926 RealPlayer && HelixPlayer Remote Format String Exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112785544325326&w=2"
}
]
}
} }

188
2005/2xxx/CVE-2005-2744.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2744", "ID": "CVE-2005-2744",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, as used by applications such as Safari, Mail, and Finder, allows remote attackers to execute arbitrary code via a crafted PICT file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "APPLE-SA-2005-09-22", "description_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2005/Sep/msg00002.html" "lang": "eng",
}, "value": "Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, as used by applications such as Safari, Mail, and Finder, allows remote attackers to execute arbitrary code via a crafted PICT file."
{ }
"name" : "ESB-2005.0732", ]
"refsource" : "AUSCERT", },
"url" : "http://www.auscert.org.au/5509" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "P-312", "description": [
"refsource" : "CIAC", {
"url" : "http://www.ciac.org/ciac/bulletins/p-312.shtml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "VU#529945", ]
"refsource" : "CERT-VN", }
"url" : "http://www.kb.cert.org/vuls/id/529945" ]
}, },
{ "references": {
"name" : "14914", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14914" "name": "P-312",
}, "refsource": "CIAC",
{ "url": "http://www.ciac.org/ciac/bulletins/p-312.shtml"
"name" : "1014961", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/alerts/2005/Sep/1014961.html" "name": "macos-quickdraw-manager-bo(22384)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22384"
"name" : "16920", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16920/" "name": "14914",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/14914"
"name" : "macos-quickdraw-manager-bo(22384)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22384" "name": "ESB-2005.0732",
} "refsource": "AUSCERT",
] "url": "http://www.auscert.org.au/5509"
} },
{
"name": "VU#529945",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/529945"
},
{
"name": "1014961",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2005/Sep/1014961.html"
},
{
"name": "APPLE-SA-2005-09-22",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Sep/msg00002.html"
},
{
"name": "16920",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16920/"
}
]
}
} }

128
2005/3xxx/CVE-2005-3000.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3000", "ID": "CVE-2005-3000",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in viewers/txt.php in PHP Advanced Transfer Manager 1.30 allow remote attackers to inject arbitrary web script or HTML via the (1) font, (2) normalfontcolor, or (3) mess[31] parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://rgod.altervista.org/phpatm130.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://rgod.altervista.org/phpatm130.html" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in viewers/txt.php in PHP Advanced Transfer Manager 1.30 allow remote attackers to inject arbitrary web script or HTML via the (1) font, (2) normalfontcolor, or (3) mess[31] parameters."
{ }
"name" : "16867", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/16867" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://rgod.altervista.org/phpatm130.html",
"refsource": "MISC",
"url": "http://rgod.altervista.org/phpatm130.html"
},
{
"name": "16867",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16867"
}
]
}
} }

188
2005/3xxx/CVE-2005-3099.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3099", "ID": "CVE-2005-3099",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2005-220.pdf", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2005-220.pdf" "lang": "eng",
}, "value": "Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code."
{ }
"name" : "101800", ]
"refsource" : "SUNALERT", },
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101800-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19699", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/19699" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "19700", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/19700" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:943", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A943" "name": "17246",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17246"
"name" : "16955", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16955" "name": "16955",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/16955"
"name" : "17246", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17246" "name": "101800",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101800-1"
"name" : "solaris-xsun-xprt-command-execution(22410)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22410" "name": "oval:org.mitre.oval:def:943",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A943"
} },
{
"name": "19700",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19700"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2005-220.pdf",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-220.pdf"
},
{
"name": "19699",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19699"
},
{
"name": "solaris-xsun-xprt-command-execution(22410)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22410"
}
]
}
} }

178
2005/3xxx/CVE-2005-3640.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3640", "ID": "CVE-2005-3640",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in the IMAP Groupware Mail server of Floosietek FTGate (FTGate4) 4.1 allow remote attackers to execute arbitrary code via long arguments to various IMAP commands, as demonstrated with the EXAMINE command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051116 Buffer Overrun in FTGate4 Groupware Mail server", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2005-11/0213.html" "lang": "eng",
}, "value": "Multiple buffer overflows in the IMAP Groupware Mail server of Floosietek FTGate (FTGate4) 4.1 allow remote attackers to execute arbitrary code via long arguments to various IMAP commands, as demonstrated with the EXAMINE command."
{ }
"name" : "http://www.lucaercoli.it/advs/FTGate4.txt", ]
"refsource" : "MISC", },
"url" : "http://www.lucaercoli.it/advs/FTGate4.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "15449", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15449" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2005-2478", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2005/2478" ]
}, },
{ "references": {
"name" : "20917", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/20917" "name": "ftgate4-groupware-imap-bo(23101)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23101"
"name" : "17609", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17609" "name": "15449",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/15449"
"name" : "ftgate4-groupware-imap-bo(23101)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23101" "name": "http://www.lucaercoli.it/advs/FTGate4.txt",
} "refsource": "MISC",
] "url": "http://www.lucaercoli.it/advs/FTGate4.txt"
} },
{
"name": "ADV-2005-2478",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2478"
},
{
"name": "20917",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20917"
},
{
"name": "20051116 Buffer Overrun in FTGate4 Groupware Mail server",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2005-11/0213.html"
},
{
"name": "17609",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17609"
}
]
}
} }

198
2007/5xxx/CVE-2007-5320.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5320", "ID": "CVE-2007-5320",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple absolute path traversal vulnerabilities in Pegasus Imaging ImagXpress 8.0 allow remote attackers to (1) delete arbitrary files via the CacheFile attribute in the ThumbnailXpres.1 ActiveX control (PegasusImaging.ActiveX.ThumnailXpress1.dll) or (2) overwrite arbitrary files via the CompactFile function in the ImagXpress.8 ActiveX control (PegasusImaging.ActiveX.ImagXpress8.dll)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://shinnai.altervista.org/exploits/txt/TXT_3DQ1nIkI6zmWCek4zP5U.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://shinnai.altervista.org/exploits/txt/TXT_3DQ1nIkI6zmWCek4zP5U.html" "lang": "eng",
}, "value": "Multiple absolute path traversal vulnerabilities in Pegasus Imaging ImagXpress 8.0 allow remote attackers to (1) delete arbitrary files via the CacheFile attribute in the ThumbnailXpres.1 ActiveX control (PegasusImaging.ActiveX.ThumnailXpress1.dll) or (2) overwrite arbitrary files via the CompactFile function in the ImagXpress.8 ActiveX control (PegasusImaging.ActiveX.ImagXpress8.dll)."
{ }
"name" : "http://shinnai.altervista.org/exploits/txt/TXT_wfv7ZG0G6KnQlk1SieLd.html", ]
"refsource" : "MISC", },
"url" : "http://shinnai.altervista.org/exploits/txt/TXT_wfv7ZG0G6KnQlk1SieLd.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25948", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25948" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25949", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/25949" ]
}, },
{ "references": {
"name" : "ADV-2007-3388", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3388" "name": "25948",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25948"
"name" : "37959", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37959" "name": "http://shinnai.altervista.org/exploits/txt/TXT_3DQ1nIkI6zmWCek4zP5U.html",
}, "refsource": "MISC",
{ "url": "http://shinnai.altervista.org/exploits/txt/TXT_3DQ1nIkI6zmWCek4zP5U.html"
"name" : "37960", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37960" "name": "37959",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/37959"
"name" : "27095", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27095" "name": "27095",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27095"
"name" : "imagxpress-imagxpress8-file-overwrite(37012)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37012" "name": "ADV-2007-3388",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/3388"
} },
{
"name": "http://shinnai.altervista.org/exploits/txt/TXT_wfv7ZG0G6KnQlk1SieLd.html",
"refsource": "MISC",
"url": "http://shinnai.altervista.org/exploits/txt/TXT_wfv7ZG0G6KnQlk1SieLd.html"
},
{
"name": "imagxpress-imagxpress8-file-overwrite(37012)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37012"
},
{
"name": "25949",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25949"
},
{
"name": "37960",
"refsource": "OSVDB",
"url": "http://osvdb.org/37960"
}
]
}
} }

838
2007/5xxx/CVE-2007-5340.json
View File

@ -1,422 +1,422 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2007-5340", "ID": "CVE-2007-5340",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071029 FLEA-2007-0062-1 firefox", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/482925/100/0/threaded" "lang": "eng",
}, "value": "Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption."
{ }
"name" : "20071026 rPSA-2007-0225-1 firefox", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/482876/100/200/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20071029 rPSA-2007-0225-2 firefox thunderbird", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/482932/100/200/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=372309,387955,390078,393537", ]
"refsource" : "MISC", }
"url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=372309,387955,390078,393537" ]
}, },
{ "references": {
"name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-29.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-29.html" "name": "FEDORA-2007-2601",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html"
"name" : "https://issues.rpath.com/browse/RPL-1858", },
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1858" "name": "20071026 rPSA-2007-0225-1 firefox",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/482876/100/200/threaded"
"name" : "https://issues.rpath.com/browse/RPL-1884", },
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1884" "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-29.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-29.html"
"name" : "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html", },
"refsource" : "CONFIRM", {
"url" : "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html" "name": "1018835",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1018835"
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=196481", },
"refsource" : "CONFIRM", {
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=196481" "name": "ADV-2007-3545",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3545"
"name" : "DSA-1396", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1396" "name": "MDVSA-2008:047",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:047"
"name" : "DSA-1401", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1401" "name": "VU#755513",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/755513"
"name" : "DSA-1391", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1391" "name": "ADV-2007-3587",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3587"
"name" : "DSA-1392", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1392" "name": "27414",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27414"
"name" : "FEDORA-2007-2601", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html" "name": "SUSE-SR:2008:002",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
"name" : "FEDORA-2007-2664", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html" "name": "20071029 FLEA-2007-0062-1 firefox",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/482925/100/0/threaded"
"name" : "FEDORA-2007-3431", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html" "name": "ADV-2008-0643",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0643"
"name" : "GLSA-200711-14", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml" "name": "https://issues.rpath.com/browse/RPL-1858",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1858"
"name" : "GLSA-200711-24", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200711-24.xml" "name": "GLSA-200711-14",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml"
"name" : "HPSBUX02153", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" "name": "HPSBUX02156",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579"
"name" : "HPSBUX02156", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579" "name": "27360",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27360"
"name" : "SSRT061181", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" "name": "HPSBUX02153",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
"name" : "SSRT061236", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579" "name": "27298",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27298"
"name" : "MDKSA-2007:202", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202" "name": "27315",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27315"
"name" : "MDVSA-2007:047", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2007:047" "name": "27327",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27327"
"name" : "MDVSA-2008:047", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:047" "name": "ADV-2007-3544",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3544"
"name" : "RHSA-2007:0979", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0979.html" "name": "27276",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27276"
"name" : "RHSA-2007:0980", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0980.html" "name": "USN-535-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/535-1/"
"name" : "RHSA-2007:0981", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0981.html" "name": "DSA-1391",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1391"
"name" : "231441", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231441-1" "name": "GLSA-200711-24",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200711-24.xml"
"name" : "201516", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1" "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=372309,387955,390078,393537",
}, "refsource": "MISC",
{ "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=372309,387955,390078,393537"
"name" : "1018977", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018977.1-1" "name": "28179",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28179"
"name" : "SUSE-SA:2007:057", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_57_mozilla.html" "name": "1018977",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018977.1-1"
"name" : "SUSE-SR:2008:002", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html" "name": "1018834",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1018834"
"name" : "USN-535-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/535-1/" "name": "DSA-1401",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1401"
"name" : "USN-536-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-536-1" "name": "DSA-1392",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1392"
"name" : "VU#755513", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/755513" "name": "RHSA-2007:0980",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0980.html"
"name" : "26132", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26132" "name": "27383",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27383"
"name" : "oval:org.mitre.oval:def:9622", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9622" "name": "SUSE-SA:2007:057",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_57_mozilla.html"
"name" : "ADV-2007-3544", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3544" "name": "MDVSA-2007:047",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2007:047"
"name" : "ADV-2007-3545", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3545" "name": "mozilla-multiple-java-code-execution(37282)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37282"
"name" : "ADV-2007-4272", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/4272" "name": "27356",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27356"
"name" : "ADV-2007-3587", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3587" "name": "oval:org.mitre.oval:def:9622",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9622"
"name" : "ADV-2008-0082", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0082" "name": "RHSA-2007:0981",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0981.html"
"name" : "ADV-2008-0083", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0083" "name": "27704",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27704"
"name" : "ADV-2008-0643", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0643" "name": "ADV-2008-0083",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0083"
"name" : "1018834", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018834" "name": "27387",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27387"
"name" : "1018835", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018835" "name": "http://bugs.gentoo.org/show_bug.cgi?id=196481",
}, "refsource": "CONFIRM",
{ "url": "http://bugs.gentoo.org/show_bug.cgi?id=196481"
"name" : "27276", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27276" "name": "SSRT061236",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579"
"name" : "27325", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27325" "name": "FEDORA-2007-3431",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html"
"name" : "27327", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27327" "name": "27313",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27313"
"name" : "27335", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27335" "name": "27403",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27403"
"name" : "27356", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27356" "name": "27336",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27336"
"name" : "27383", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27383" "name": "ADV-2008-0082",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0082"
"name" : "27425", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27425" "name": "231441",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231441-1"
"name" : "27403", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27403" "name": "DSA-1396",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1396"
"name" : "27480", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27480" "name": "27425",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27425"
"name" : "27387", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27387" "name": "28398",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28398"
"name" : "27298", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27298" "name": "ADV-2007-4272",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/4272"
"name" : "27311", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27311" "name": "27311",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27311"
"name" : "27313", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27313" "name": "SSRT061181",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
"name" : "27315", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27315" "name": "27325",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27325"
"name" : "27326", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27326" "name": "MDKSA-2007:202",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202"
"name" : "27336", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27336" "name": "27665",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27665"
"name" : "27665", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27665" "name": "RHSA-2007:0979",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0979.html"
"name" : "27704", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27704" "name": "27335",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27335"
"name" : "27414", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27414" "name": "https://issues.rpath.com/browse/RPL-1884",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1884"
"name" : "27680", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27680" "name": "28636",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28636"
"name" : "28179", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28179" "name": "27326",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27326"
"name" : "27360", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27360" "name": "FEDORA-2007-2664",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html"
"name" : "28363", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28363" "name": "28363",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28363"
"name" : "28398", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28398" "name": "27480",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27480"
"name" : "28636", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28636" "name": "27680",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27680"
"name" : "mozilla-multiple-java-code-execution(37282)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37282" "name": "26132",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/26132"
} },
{
"name": "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html"
},
{
"name": "201516",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1"
},
{
"name": "20071029 rPSA-2007-0225-2 firefox thunderbird",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482932/100/200/threaded"
},
{
"name": "USN-536-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-536-1"
}
]
}
} }

178
2007/5xxx/CVE-2007-5537.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5537", "ID": "CVE-2007-5537",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071017 Cisco Unified Communications Manager Denial of Service Vulnerabilities", "description_data": [
"refsource" : "CISCO", {
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml" "lang": "eng",
}, "value": "Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822."
{ }
"name" : "26105", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/26105" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-3532", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3532" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37941", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/37941" ]
}, },
{ "references": {
"name" : "1018828", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018828" "name": "26105",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26105"
"name" : "27296", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27296" "name": "cucm-sip-invite-dos(37246)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37246"
"name" : "cucm-sip-invite-dos(37246)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37246" "name": "ADV-2007-3532",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/3532"
} },
{
"name": "20071017 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml"
},
{
"name": "37941",
"refsource": "OSVDB",
"url": "http://osvdb.org/37941"
},
{
"name": "1018828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018828"
},
{
"name": "27296",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27296"
}
]
}
} }

138
2009/2xxx/CVE-2009-2545.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2545", "ID": "CVE-2009-2545",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Advanced Electron Forum (AEF) 1.x, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the filename in an uploaded attachment. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "55925", "description_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/55925" "lang": "eng",
}, "value": "SQL injection vulnerability in Advanced Electron Forum (AEF) 1.x, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the filename in an uploaded attachment. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "35646", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/35646" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "aef-filename-sql-injection(51775)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51775" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "55925",
"refsource": "OSVDB",
"url": "http://osvdb.org/55925"
},
{
"name": "aef-filename-sql-injection(51775)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51775"
},
{
"name": "35646",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35646"
}
]
}
} }

32
2009/2xxx/CVE-2009-2706.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2009-2706", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2009-2706",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none."
} }
] ]
} }
} }

148
2009/3xxx/CVE-2009-3396.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2009-3396", "ID": "CVE-2009-3396",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.0, 9.1, 9.2.3, 10.0.1, and 10.3 allows remote attackers to affect integrity, related to WLS Console."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.0, 9.1, 9.2.3, 10.0.1, and 10.3 allows remote attackers to affect integrity, related to WLS Console."
{ }
"name" : "TA09-294A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-294A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36766", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36766" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1023062", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1023062" ]
} },
] "references": {
} "reference_data": [
{
"name": "36766",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36766"
},
{
"name": "1023062",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023062"
},
{
"name": "TA09-294A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html"
}
]
}
} }

128
2015/0xxx/CVE-2015-0613.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-0613", "ID": "CVE-2015-0613",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (core dump and restart) via crafted SIP INVITE messages, aka Bug ID CSCul20444."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150401 Multiple Vulnerabilities in Cisco Unity Connection", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc" "lang": "eng",
}, "value": "The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (core dump and restart) via crafted SIP INVITE messages, aka Bug ID CSCul20444."
{ }
"name" : "1032010", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1032010" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150401 Multiple Vulnerabilities in Cisco Unity Connection",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc"
},
{
"name": "1032010",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032010"
}
]
}
} }

128
2015/0xxx/CVE-2015-0727.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-0727", "ID": "CVE-2015-0727",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the HTTP module in Cisco Security Manager (CSM) 4.7(0)SP1(1) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut27789."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150513 Cisco Security Manager Cross-Site Scripting Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=38788" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the HTTP module in Cisco Security Manager (CSM) 4.7(0)SP1(1) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut27789."
{ }
"name" : "1032326", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1032326" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150513 Cisco Security Manager Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38788"
},
{
"name": "1032326",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032326"
}
]
}
} }

128
2015/0xxx/CVE-2015-0736.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-0736", "ID": "CVE-2015-0736",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense 10.5(1) and earlier allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu16728."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150514 Cisco MediaSense Cross-Site Request Forgery Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=38869" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense 10.5(1) and earlier allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu16728."
{ }
"name" : "1032336", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1032336" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032336",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032336"
},
{
"name": "20150514 Cisco MediaSense Cross-Site Request Forgery Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38869"
}
]
}
} }

32
2015/0xxx/CVE-2015-0842.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-0842", "ID": "CVE-2015-0842",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2015/4xxx/CVE-2015-4019.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4019", "ID": "CVE-2015-4019",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

148
2015/4xxx/CVE-2015-4082.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4082", "ID": "CVE-2015-4082",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to \"unencrypted / without key file\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150531 Re: CVE request for attic : encrypted backups attack", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/05/31/3" "lang": "eng",
}, "value": "attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive information by changing the manifest type byte of the repository to \"unencrypted / without key file\"."
{ }
"name" : "https://github.com/jborg/attic/commit/78f9ad1faba7193ca7f0acccbc13b1ff6ebf9072", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/jborg/attic/commit/78f9ad1faba7193ca7f0acccbc13b1ff6ebf9072" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/jborg/attic/issues/271", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/jborg/attic/issues/271" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "74821", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/74821" ]
} },
] "references": {
} "reference_data": [
{
"name": "https://github.com/jborg/attic/issues/271",
"refsource": "CONFIRM",
"url": "https://github.com/jborg/attic/issues/271"
},
{
"name": "https://github.com/jborg/attic/commit/78f9ad1faba7193ca7f0acccbc13b1ff6ebf9072",
"refsource": "CONFIRM",
"url": "https://github.com/jborg/attic/commit/78f9ad1faba7193ca7f0acccbc13b1ff6ebf9072"
},
{
"name": "[oss-security] 20150531 Re: CVE request for attic : encrypted backups attack",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/3"
},
{
"name": "74821",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74821"
}
]
}
} }

32
2015/4xxx/CVE-2015-4096.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4096", "ID": "CVE-2015-4096",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2015/4xxx/CVE-2015-4383.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4383", "ID": "CVE-2015-4383",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the Decisions module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that remove individual voters via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/04/25/6" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in the Decisions module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that remove individual voters via unspecified vectors."
{ }
"name" : "https://www.drupal.org/node/2459349", ]
"refsource" : "MISC", },
"url" : "https://www.drupal.org/node/2459349" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "74344", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74344" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/04/25/6"
},
{
"name": "https://www.drupal.org/node/2459349",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2459349"
},
{
"name": "74344",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74344"
}
]
}
} }

158
2015/8xxx/CVE-2015-8330.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8330", "ID": "CVE-2015-8330",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers to cause a denial of service (memory corruption and agent crash) via crafted xMII requests, aka SAP Security Note 2238619."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160212 [ERPSCAN-15-032] SAP PCo agent â?? DoS vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/537517/100/0/threaded" "lang": "eng",
}, "value": "The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers to cause a denial of service (memory corruption and agent crash) via crafted xMII requests, aka SAP Security Note 2238619."
{ }
"name" : "20160212 [ERPSCAN-15-032] SAP PCo agent - DoS vulnerability", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2016/Feb/69" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://erpscan.io/advisories/erpscan-15-032-sap-pco-agent-dos-vulnerability/", "description": [
"refsource" : "MISC", {
"url" : "https://erpscan.io/advisories/erpscan-15-032-sap-pco-agent-dos-vulnerability/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.onapsis.com/blog/analyzing-sap-security-notes-november-2015", ]
"refsource" : "MISC", }
"url" : "https://www.onapsis.com/blog/analyzing-sap-security-notes-november-2015" ]
}, },
{ "references": {
"name" : "http://packetstormsecurity.com/files/135775/SAP-PCo-2.2-2.3-15.0-15.1-Denial-Of-Service.html", "reference_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/135775/SAP-PCo-2.2-2.3-15.0-15.1-Denial-Of-Service.html" "name": "20160212 [ERPSCAN-15-032] SAP PCo agent - DoS vulnerability",
} "refsource": "FULLDISC",
] "url": "http://seclists.org/fulldisclosure/2016/Feb/69"
} },
{
"name": "https://www.onapsis.com/blog/analyzing-sap-security-notes-november-2015",
"refsource": "MISC",
"url": "https://www.onapsis.com/blog/analyzing-sap-security-notes-november-2015"
},
{
"name": "https://erpscan.io/advisories/erpscan-15-032-sap-pco-agent-dos-vulnerability/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-15-032-sap-pco-agent-dos-vulnerability/"
},
{
"name": "20160212 [ERPSCAN-15-032] SAP PCo agent â?? DoS vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537517/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/135775/SAP-PCo-2.2-2.3-15.0-15.1-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135775/SAP-PCo-2.2-2.3-15.0-15.1-Denial-Of-Service.html"
}
]
}
} }

288
2015/8xxx/CVE-2015-8567.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-8567", "ID": "CVE-2015-8567",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20151215 Re: CVE request Qemu: net: vmxnet3: host memory leakage", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/12/15/10" "lang": "eng",
}, "value": "Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption)."
{ }
"name" : "[qemu-devel] 20151215 Re: [Qemu-devel] net: vmxnet3: memory leakage issue", ]
"refsource" : "MLIST", },
"url" : "https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02299.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3471", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3471" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2016-275e9ff483", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176558.html" ]
}, },
{ "references": {
"name" : "FEDORA-2016-2c15b72b01", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176300.html" "name": "SUSE-SU-2016:1560",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00017.html"
"name" : "FEDORA-2016-42778e8c82", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175967.html" "name": "79721",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/79721"
"name" : "FEDORA-2016-e1784417af", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176503.html" "name": "SUSE-SU-2016:1703",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00058.html"
"name" : "GLSA-201602-01", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201602-01" "name": "openSUSE-SU-2016:0126",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00012.html"
"name" : "SUSE-SU-2016:0873", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00087.html" "name": "USN-2891-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2891-1"
"name" : "SUSE-SU-2016:0955", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00002.html" "name": "openSUSE-SU-2016:0123",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00010.html"
"name" : "SUSE-SU-2016:1318", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00049.html" "name": "FEDORA-2016-275e9ff483",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176558.html"
"name" : "SUSE-SU-2016:1560", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00017.html" "name": "FEDORA-2016-42778e8c82",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175967.html"
"name" : "SUSE-SU-2016:1703", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00058.html" "name": "[oss-security] 20151215 Re: CVE request Qemu: net: vmxnet3: host memory leakage",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/12/15/10"
"name" : "openSUSE-SU-2016:0123", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00010.html" "name": "SUSE-SU-2016:0955",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00002.html"
"name" : "openSUSE-SU-2016:0126", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00012.html" "name": "[qemu-devel] 20151215 Re: [Qemu-devel] net: vmxnet3: memory leakage issue",
}, "refsource": "MLIST",
{ "url": "https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02299.html"
"name" : "openSUSE-SU-2016:1750", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00003.html" "name": "FEDORA-2016-2c15b72b01",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176300.html"
"name" : "USN-2891-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2891-1" "name": "DSA-3471",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3471"
"name" : "79721", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/79721" "name": "SUSE-SU-2016:1318",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00049.html"
} },
{
"name": "SUSE-SU-2016:0873",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00087.html"
},
{
"name": "FEDORA-2016-e1784417af",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176503.html"
},
{
"name": "GLSA-201602-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201602-01"
},
{
"name": "openSUSE-SU-2016:1750",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00003.html"
}
]
}
} }

138
2015/8xxx/CVE-2015-8580.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8580", "ID": "CVE-2015-8580",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple use-after-free vulnerabilities in the (1) Print method and (2) App object handling in Foxit Reader before 7.2.2 and Foxit PhantomPDF before 7.2.2 allow remote attackers to execute arbitrary code via a crafted PDF document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-622", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-622" "lang": "eng",
}, "value": "Multiple use-after-free vulnerabilities in the (1) Print method and (2) App object handling in Foxit Reader before 7.2.2 and Foxit PhantomPDF before 7.2.2 allow remote attackers to execute arbitrary code via a crafted PDF document."
{ }
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-623", ]
"refsource" : "MISC", },
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-623" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php#FRD-34", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php#FRD-34" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-622",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-622"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-623",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-623"
},
{
"name": "https://www.foxitsoftware.com/support/security-bulletins.php#FRD-34",
"refsource": "CONFIRM",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php#FRD-34"
}
]
}
} }

228
2015/8xxx/CVE-2015-8651.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-8651", "ID": "CVE-2015-8651",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html" "lang": "eng",
}, "value": "Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors."
{ }
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", ]
"refsource" : "CONFIRM", },
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", "description": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", ]
"refsource" : "CONFIRM", }
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" ]
}, },
{ "references": {
"name" : "GLSA-201601-03", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201601-03" "name": "openSUSE-SU-2015:2403",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html"
"name" : "RHSA-2015:2697", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2697.html" "name": "1034544",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1034544"
"name" : "SUSE-SU-2015:2401", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html" "name": "RHSA-2015:2697",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html"
"name" : "SUSE-SU-2015:2402", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
"name" : "openSUSE-SU-2015:2400", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html" "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html",
}, "refsource": "CONFIRM",
{ "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html"
"name" : "openSUSE-SU-2015:2403", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html" "name": "79705",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/79705"
"name" : "79705", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/79705" "name": "SUSE-SU-2015:2401",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html"
"name" : "1034544", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034544" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
} "refsource": "CONFIRM",
] "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
} },
{
"name": "SUSE-SU-2015:2402",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html"
},
{
"name": "openSUSE-SU-2015:2400",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html"
},
{
"name": "GLSA-201601-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201601-03"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
}
]
}
} }

118
2015/8xxx/CVE-2015-8676.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8676", "ID": "CVE-2015-8676",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switches with software V200R001C00 before V200R001SPH018, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; S9300, S7700, and S9700 Campus series switches with software V200R001C00 before V200R001SPH023, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; and S2300 and S3300 Campus series switches with software V100R006C05 before V100R006SPH022 allows remote attackers to cause a denial of service (memory consumption and reboot) via a large number of ICMPv6 packets."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160113-02-switch-en", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160113-02-switch-en" "lang": "eng",
} "value": "Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switches with software V200R001C00 before V200R001SPH018, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; S9300, S7700, and S9700 Campus series switches with software V200R001C00 before V200R001SPH023, V200R002C00 before V200R003SPH011, and V200R003C00 before V200R003SPH011; and S2300 and S3300 Campus series switches with software V100R006C05 before V100R006SPH022 allows remote attackers to cause a denial of service (memory consumption and reboot) via a large number of ICMPv6 packets."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160113-02-switch-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160113-02-switch-en"
}
]
}
} }

32
2016/5xxx/CVE-2016-5912.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5912", "ID": "CVE-2016-5912",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2018/2xxx/CVE-2018-2086.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2086", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2086",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

32
2018/2xxx/CVE-2018-2328.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2328", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2328",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

180
2018/2xxx/CVE-2018-2402.json
View File

@ -1,93 +1,93 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cna@sap.com", "ASSIGNER": "cna@sap.com",
"ID" : "CVE-2018-2402", "ID": "CVE-2018-2402",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SAP HANA", "product_name": "SAP HANA",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "1.0" "version_value": "1.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "2.0" "version_value": "2.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SAP SE" "vendor_name": "SAP SE"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In systems using the optional capture & replay functionality of SAP HANA, 1.00 and 2.00, (see SAP Note 2362820 for more information about capture & replay), user credentials may be stored in clear text in the indexserver trace files of the control system. An attacker with the required authorizations on the control system may be able to access the user credentials and gain unauthorized access to data in the captured or target system."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "HIGH",
"attackVector" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.6,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "HIGH",
"scope" : "CHANGED",
"userInteraction" : "REQUIRED",
"vectorString" : "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/" "lang": "eng",
}, "value": "In systems using the optional capture & replay functionality of SAP HANA, 1.00 and 2.00, (see SAP Note 2362820 for more information about capture & replay), user credentials may be stored in clear text in the indexserver trace files of the control system. An attacker with the required authorizations on the control system may be able to access the user credentials and gain unauthorized access to data in the captured or target system."
{ }
"name" : "https://launchpad.support.sap.com/#/notes/2587369", ]
"refsource" : "CONFIRM", },
"url" : "https://launchpad.support.sap.com/#/notes/2587369" "impact": {
}, "cvss": {
{ "attackComplexity": "HIGH",
"name" : "103369", "attackVector": "NONE",
"refsource" : "BID", "availabilityImpact": "HIGH",
"url" : "http://www.securityfocus.com/bid/103369" "baseScore": 7.6,
} "baseSeverity": "HIGH",
] "confidentialityImpact": "HIGH",
} "integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/",
"refsource": "CONFIRM",
"url": "https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/"
},
{
"name": "103369",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103369"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2587369",
"refsource": "CONFIRM",
"url": "https://launchpad.support.sap.com/#/notes/2587369"
}
]
}
} }

32
2018/6xxx/CVE-2018-6150.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6150", "ID": "CVE-2018-6150",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

118
2018/7xxx/CVE-2018-7454.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7454", "ID": "CVE-2018-7454",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://forum.xpdfreader.com/viewtopic.php?f=3&t=613", "description_data": [
"refsource" : "MISC", {
"url" : "https://forum.xpdfreader.com/viewtopic.php?f=3&t=613" "lang": "eng",
} "value": "A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=613",
"refsource": "MISC",
"url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=613"
}
]
}
} }

200
2018/7xxx/CVE-2018-7688.json
View File

@ -1,103 +1,103 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@suse.de", "ASSIGNER": "security@suse.com",
"DATE_PUBLIC" : "2018-06-06T00:00:00.000Z", "DATE_PUBLIC": "2018-06-06T00:00:00.000Z",
"ID" : "CVE-2018-7688", "ID": "CVE-2018-7688",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Open Build Service accepts arbitrary reviews" "TITLE": "Open Build Service accepts arbitrary reviews"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Open Build Service", "product_name": "Open Build Service",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "2.9.3" "version_value": "2.9.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "openSUSE" "vendor_name": "openSUSE"
} }
]
}
},
"credit" : [
{
"lang" : "eng",
"value" : "Marcus Hüwe"
}
],
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "LOW",
"baseScore" : 7.1,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"privilegesRequired" : "LOW",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-862"
}
] ]
} }
] },
}, "credit": [
"references" : { {
"reference_data" : [ "lang": "eng",
{ "value": "Marcus H\u00fcwe"
"name" : "[opensuse-buildservice] 20180606 Open Build Service 2.9.3 released", }
"refsource" : "MLIST", ],
"url" : "https://lists.opensuse.org/opensuse-buildservice/2018-06/msg00014.html" "data_format": "MITRE",
}, "data_type": "CVE",
{ "data_version": "4.0",
"name" : "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2018-7688", "description": {
"refsource" : "CONFIRM", "description_data": [
"url" : "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2018-7688" {
}, "lang": "eng",
{ "value": "A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions."
"name" : "https://github.com/openSUSE/open-build-service/commit/b15cf19e9e01115f653c76ffdc8f54cd97566553", }
"refsource" : "CONFIRM", ]
"url" : "https://github.com/openSUSE/open-build-service/commit/b15cf19e9e01115f653c76ffdc8f54cd97566553" },
} "impact": {
] "cvss": {
}, "attackComplexity": "LOW",
"source" : { "attackVector": "NETWORK",
"defect" : [ "availabilityImpact": "LOW",
"1094820" "baseScore": 7.1,
], "baseSeverity": "HIGH",
"discovery" : "EXTERNAL" "confidentialityImpact": "NONE",
} "integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/openSUSE/open-build-service/commit/b15cf19e9e01115f653c76ffdc8f54cd97566553",
"refsource": "CONFIRM",
"url": "https://github.com/openSUSE/open-build-service/commit/b15cf19e9e01115f653c76ffdc8f54cd97566553"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2018-7688",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2018-7688"
},
{
"name": "[opensuse-buildservice] 20180606 Open Build Service 2.9.3 released",
"refsource": "MLIST",
"url": "https://lists.opensuse.org/opensuse-buildservice/2018-06/msg00014.html"
}
]
},
"source": {
"defect": [
"1094820"
],
"discovery": "EXTERNAL"
}
} }

138
2018/7xxx/CVE-2018-7739.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7739", "ID": "CVE-2018-7739",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=>&password=%0a string to the /login URI. This allows obtaining root permissions within the web management console, because the login process uses Java's ProcessBuilder class and a bash script called antsle-auth with insufficient input validation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "44220", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/44220/" "lang": "eng",
}, "value": "antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=>&password=%0a string to the /login URI. This allows obtaining root permissions within the web management console, because the login process uses Java's ProcessBuilder class and a bash script called antsle-auth with insufficient input validation."
{ }
"name" : "44262", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/44262/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://blog.codecatoctin.com/2018/02/antman-authentication-bypass.html", "description": [
"refsource" : "MISC", {
"url" : "http://blog.codecatoctin.com/2018/02/antman-authentication-bypass.html" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "44262",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44262/"
},
{
"name": "http://blog.codecatoctin.com/2018/02/antman-authentication-bypass.html",
"refsource": "MISC",
"url": "http://blog.codecatoctin.com/2018/02/antman-authentication-bypass.html"
},
{
"name": "44220",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44220/"
}
]
}
} }

118
2018/7xxx/CVE-2018-7793.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cybersecurity@se.com", "ASSIGNER": "cybersecurity@schneider-electric.com",
"ID" : "CVE-2018-7793", "ID": "CVE-2018-7793",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.)", "product_name": "FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.)" "version_value": "FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Schneider Electric SE" "vendor_name": "Schneider Electric SE"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A Credential Management vulnerability exists in FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.) which could cause unauthorized disclosure, modification, or disruption in service when the password is modified without permission."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Credential Management"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03/" "lang": "eng",
} "value": "A Credential Management vulnerability exists in FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.) which could cause unauthorized disclosure, modification, or disruption in service when the password is modified without permission."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Credential Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03/",
"refsource": "CONFIRM",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03/"
}
]
}
} }

32
2018/7xxx/CVE-2018-7821.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7821", "ID": "CVE-2018-7821",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/1xxx/CVE-2019-1323.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1323", "ID": "CVE-2019-1323",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/1xxx/CVE-2019-1549.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1549", "ID": "CVE-2019-1549",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/1xxx/CVE-2019-1806.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1806", "ID": "CVE-2019-1806",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5144.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5144", "ID": "CVE-2019-5144",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5482.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5482", "ID": "CVE-2019-5482",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5947.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5947", "ID": "CVE-2019-5947",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }