admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 01:17:59 +00:00
parent ca63507b22
commit de3761ccb5
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
63 changed files with 4439 additions and 4439 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

140
1999/0xxx/CVE-1999-0871.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0871", "ID": "CVE-1999-0871",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the \"Cross Frame Navigate\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS98-013", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-013" "lang": "eng",
}, "value": "Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the \"Cross Frame Navigate\" vulnerability."
{ }
"name" : "7837", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/7837" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ie-crossframe-file-read(3668)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3668" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "7837",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7837"
},
{
"name": "ie-crossframe-file-read(3668)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3668"
},
{
"name": "MS98-013",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-013"
}
]
}
}

120
1999/0xxx/CVE-1999-0961.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0961", "ID": "CVE-1999-0961",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19960921 Vunerability in HP sysdiag ?", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=87602167419906&w=2" "lang": "eng",
} "value": "HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19960921 Vunerability in HP sysdiag ?",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=87602167419906&w=2"
}
]
}
}

200
2007/0xxx/CVE-2007-0324.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2007-0324", "ID": "CVE-2007-0324",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in the LizardTech DjVu Browser Plug-in before 6.1.1 allow remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070215 Lizardtech DjVu Browser Plug-in - Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/460197/100/0/threaded" "lang": "eng",
}, "value": "Multiple buffer overflows in the LizardTech DjVu Browser Plug-in before 6.1.1 allow remote attackers to execute arbitrary code via unspecified vectors."
{ }
"name" : "http://www.lizardtech.com/products/doc/djvupluginrelease.php", ]
"refsource" : "MISC", },
"url" : "http://www.lizardtech.com/products/doc/djvupluginrelease.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#522393", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/522393" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22569", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/22569" ]
}, },
{ "references": {
"name" : "ADV-2007-0618", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0618" "name": "2259",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2259"
"name" : "33199", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33199" "name": "33199",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/33199"
"name" : "24149", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24149" "name": "djvu-browser-multiple-bo(32510)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32510"
"name" : "2259", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2259" "name": "ADV-2007-0618",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0618"
"name" : "djvu-browser-multiple-bo(32510)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32510" "name": "24149",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24149"
} },
} {
"name": "22569",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22569"
},
{
"name": "VU#522393",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/522393"
},
{
"name": "http://www.lizardtech.com/products/doc/djvupluginrelease.php",
"refsource": "MISC",
"url": "http://www.lizardtech.com/products/doc/djvupluginrelease.php"
},
{
"name": "20070215 Lizardtech DjVu Browser Plug-in - Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460197/100/0/threaded"
}
]
}
}

170
2007/0xxx/CVE-2007-0421.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0421", "ID": "CVE-2007-0421",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "BEA WebLogic Server 6.1 through 6.1 SP7, and 7.0 through 7.0 SP7 allows remote attackers to cause a denial of service (disk consumption) via requests containing malformed headers, which cause a large amount of data to be written to the server log."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "BEA07-148.00", "description_data": [
"refsource" : "BEA", {
"url" : "http://dev2dev.bea.com/pub/advisory/215" "lang": "eng",
}, "value": "BEA WebLogic Server 6.1 through 6.1 SP7, and 7.0 through 7.0 SP7 allows remote attackers to cause a denial of service (disk consumption) via requests containing malformed headers, which cause a large amount of data to be written to the server log."
{ }
"name" : "22082", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22082" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0213", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0213" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "32859", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/32859" ]
}, },
{ "references": {
"name" : "1017525", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017525" "name": "1017525",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1017525"
"name" : "23750", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23750" "name": "23750",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/23750"
} },
} {
"name": "22082",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22082"
},
{
"name": "32859",
"refsource": "OSVDB",
"url": "http://osvdb.org/32859"
},
{
"name": "BEA07-148.00",
"refsource": "BEA",
"url": "http://dev2dev.bea.com/pub/advisory/215"
},
{
"name": "ADV-2007-0213",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0213"
}
]
}
}

150
2007/0xxx/CVE-2007-0904.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0904", "ID": "CVE-2007-0904",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in projects.php in LightRO CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3286", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3286" "lang": "eng",
}, "value": "SQL injection vulnerability in projects.php in LightRO CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter to index.php."
{ }
"name" : "ADV-2007-0540", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2007/0540" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "34598", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34598" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "lightro-index-sql-injection(32347)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32347" ]
} },
] "references": {
} "reference_data": [
} {
"name": "34598",
"refsource": "OSVDB",
"url": "http://osvdb.org/34598"
},
{
"name": "lightro-index-sql-injection(32347)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32347"
},
{
"name": "ADV-2007-0540",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0540"
},
{
"name": "3286",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3286"
}
]
}
}

540
2007/1xxx/CVE-2007-1003.json
View File

@ -1,272 +1,272 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2007-1003", "ID": "CVE-2007-1003",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070403 Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=503" "lang": "eng",
}, "value": "Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in memory corruption."
{ }
"name" : "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/464686/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070405 FLEA-2007-0009-1: xorg-x11 freetype", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/464816/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont", ]
"refsource" : "MLIST", }
"url" : "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html" ]
}, },
{ "references": {
"name" : "http://issues.foresightlinux.org/browse/FL-223", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://issues.foresightlinux.org/browse/FL-223" "name": "20070403 Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability",
}, "refsource": "IDEFENSE",
{ "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=503"
"name" : "https://issues.rpath.com/browse/RPL-1213", },
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1213" "name": "23284",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23284"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm" "name": "24745",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24745"
"name" : "DSA-1294", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1294" "name": "oval:org.mitre.oval:def:1980",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1980"
"name" : "GLSA-200705-10", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200705-10.xml" "name": "29622",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29622"
"name" : "MDKSA-2007:079", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079" "name": "SUSE-SR:2008:008",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"
"name" : "MDKSA-2007:080", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080" "name": "24771",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24771"
"name" : "[3.9] 021: SECURITY FIX: April 4, 2007", },
"refsource" : "OPENBSD", {
"url" : "http://www.openbsd.org/errata39.html#021_xorg" "name": "24770",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24770"
"name" : "[4.0] 011: SECURITY FIX: April 4, 2007", },
"refsource" : "OPENBSD", {
"url" : "http://www.openbsd.org/errata40.html#011_xorg" "name": "25006",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25006"
"name" : "RHSA-2007:0126", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0126.html" "name": "24756",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24756"
"name" : "RHSA-2007:0125", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0125.html" "name": "RHSA-2007:0126",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
"name" : "RHSA-2007:0127", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0127.html" "name": "23300",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23300"
"name" : "102886", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1" "name": "GLSA-200705-10",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
"name" : "SUSE-SA:2007:027", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_27_x.html" "name": "USN-448-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-448-1"
"name" : "SUSE-SR:2008:008", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html" "name": "MDKSA-2007:080",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
"name" : "USN-448-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-448-1" "name": "24758",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24758"
"name" : "23284", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23284" "name": "1017857",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1017857"
"name" : "23300", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23300" "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
"name" : "oval:org.mitre.oval:def:9798", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9798" "name": "25195",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25195"
"name" : "ADV-2007-1217", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1217" "name": "RHSA-2007:0125",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
"name" : "ADV-2007-1548", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1548" "name": "24741",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24741"
"name" : "oval:org.mitre.oval:def:1980", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1980" "name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
}, "refsource": "MLIST",
{ "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
"name" : "1017857", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017857" "name": "24791",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24791"
"name" : "24741", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24741" "name": "SUSE-SA:2007:027",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
"name" : "24756", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24756" "name": "RHSA-2007:0127",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0127.html"
"name" : "24770", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24770" "name": "DSA-1294",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1294"
"name" : "24745", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24745" "name": "24765",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24765"
"name" : "24758", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24758" "name": "25216",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25216"
"name" : "24765", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24765" "name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
"name" : "24771", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24771" "name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
"name" : "24772", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24772" "name": "xorg-xcmisc-overflow(33424)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33424"
"name" : "24791", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24791" "name": "ADV-2007-1548",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1548"
"name" : "25004", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25004" "name": "102886",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
"name" : "25006", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25006" "name": "ADV-2007-1217",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1217"
"name" : "25195", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25195" "name": "[4.0] 011: SECURITY FIX: April 4, 2007",
}, "refsource": "OPENBSD",
{ "url": "http://www.openbsd.org/errata40.html#011_xorg"
"name" : "25216", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25216" "name": "https://issues.rpath.com/browse/RPL-1213",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1213"
"name" : "25305", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25305" "name": "25004",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25004"
"name" : "29622", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29622" "name": "25305",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25305"
"name" : "xorg-xcmisc-overflow(33424)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33424" "name": "24772",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24772"
} },
} {
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"name": "oval:org.mitre.oval:def:9798",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9798"
},
{
"name": "http://issues.foresightlinux.org/browse/FL-223",
"refsource": "CONFIRM",
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
]
}
}

200
2007/1xxx/CVE-2007-1268.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1268", "ID": "CVE-2007-1268",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mutt 1.5.13 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Mutt from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability ", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/461958/100/0/threaded" "lang": "eng",
}, "value": "Mutt 1.5.13 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Mutt from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection."
{ }
"name" : "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/461958/30/7710/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[gnupg-users] 20070306 [Announce] Multiple Messages Problem in GnuPG and GPGME", "description": [
"refsource" : "MLIST", {
"url" : "http://lists.gnupg.org/pipermail/gnupg-users/2007-March/030514.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.coresecurity.com/?action=item&id=1687", ]
"refsource" : "MISC", }
"url" : "http://www.coresecurity.com/?action=item&id=1687" ]
}, },
{ "references": {
"name" : "22778", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22778" "name": "[gnupg-users] 20070306 [Announce] Multiple Messages Problem in GnuPG and GPGME",
}, "refsource": "MLIST",
{ "url": "http://lists.gnupg.org/pipermail/gnupg-users/2007-March/030514.html"
"name" : "ADV-2007-0835", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0835" "name": "24415",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24415"
"name" : "1017727", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017727" "name": "2353",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2353"
"name" : "24415", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24415" "name": "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/461958/30/7710/threaded"
"name" : "2353", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2353" "name": "http://www.coresecurity.com/?action=item&id=1687",
} "refsource": "MISC",
] "url": "http://www.coresecurity.com/?action=item&id=1687"
} },
} {
"refsource": "BUGTRAQ",
"name": "20070305 CORE-2007-0115: GnuPG and GnuPG clients unsigned data injection vulnerability",
"url": "http://www.securityfocus.com/archive/1/461958/100/0/threaded"
},
{
"name": "22778",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22778"
},
{
"name": "1017727",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017727"
},
{
"name": "ADV-2007-0835",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0835"
}
]
}
}

170
2007/1xxx/CVE-2007-1292.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1292", "ID": "CVE-2007-1292",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in inlinemod.php in Jelsoft vBulletin before 3.5.8, and before 3.6.5 in the 3.6.x series, might allow remote authenticated users to execute arbitrary SQL commands via the postids parameter. NOTE: the vendor states that the attack is feasible only in circumstances \"almost impossible to achieve.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3387", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3387" "lang": "eng",
}, "value": "SQL injection vulnerability in inlinemod.php in Jelsoft vBulletin before 3.5.8, and before 3.6.5 in the 3.6.x series, might allow remote authenticated users to execute arbitrary SQL commands via the postids parameter. NOTE: the vendor states that the attack is feasible only in circumstances \"almost impossible to achieve.\""
{ }
"name" : "http://www.vbulletin.com/forum/showthread.php?postid=1314422", ]
"refsource" : "CONFIRM", },
"url" : "http://www.vbulletin.com/forum/showthread.php?postid=1314422" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "22780", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22780" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33835", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/33835" ]
}, },
{ "references": {
"name" : "24341", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24341" "name": "33835",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/33835"
"name" : "vbulletin-inlinemod-sql-injection(32746)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32746" "name": "http://www.vbulletin.com/forum/showthread.php?postid=1314422",
} "refsource": "CONFIRM",
] "url": "http://www.vbulletin.com/forum/showthread.php?postid=1314422"
} },
} {
"name": "24341",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24341"
},
{
"name": "vbulletin-inlinemod-sql-injection(32746)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32746"
},
{
"name": "3387",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3387"
},
{
"name": "22780",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22780"
}
]
}
}

320
2007/1xxx/CVE-2007-1521.json
View File

@ -1,162 +1,162 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1521", "ID": "CVE-2007-1521",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.php-security.org/MOPB/MOPB-22-2007.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.php-security.org/MOPB/MOPB-22-2007.html" "lang": "eng",
}, "value": "Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation."
{ }
"name" : "http://us2.php.net/releases/4_4_7.php", ]
"refsource" : "CONFIRM", },
"url" : "http://us2.php.net/releases/4_4_7.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://us2.php.net/releases/5_2_2.php", "description": [
"refsource" : "CONFIRM", {
"url" : "http://us2.php.net/releases/5_2_2.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://docs.info.apple.com/article.html?artnum=306172", ]
"refsource" : "CONFIRM", }
"url" : "http://docs.info.apple.com/article.html?artnum=306172" ]
}, },
{ "references": {
"name" : "APPLE-SA-2007-07-31", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html" "name": "ADV-2007-0960",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0960"
"name" : "DSA-1282", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1282" "name": "ADV-2007-2732",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2732"
"name" : "DSA-1283", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1283" "name": "25056",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25056"
"name" : "GLSA-200705-19", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200705-19.xml" "name": "DSA-1283",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1283"
"name" : "SUSE-SA:2007:032", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_32_php.html" "name": "24505",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24505"
"name" : "USN-455-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-455-1" "name": "APPLE-SA-2007-07-31",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
"name" : "22968", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22968" "name": "GLSA-200705-19",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
"name" : "25159", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25159" "name": "http://us2.php.net/releases/4_4_7.php",
}, "refsource": "CONFIRM",
{ "url": "http://us2.php.net/releases/4_4_7.php"
"name" : "ADV-2007-0960", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0960" "name": "25062",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25062"
"name" : "ADV-2007-2732", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2732" "name": "USN-455-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-455-1"
"name" : "24505", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24505" "name": "DSA-1282",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1282"
"name" : "25025", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25025" "name": "http://us2.php.net/releases/5_2_2.php",
}, "refsource": "CONFIRM",
{ "url": "http://us2.php.net/releases/5_2_2.php"
"name" : "25062", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25062" "name": "http://docs.info.apple.com/article.html?artnum=306172",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=306172"
"name" : "25057", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25057" "name": "http://www.php-security.org/MOPB/MOPB-22-2007.html",
}, "refsource": "MISC",
{ "url": "http://www.php-security.org/MOPB/MOPB-22-2007.html"
"name" : "25056", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25056" "name": "25159",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25159"
"name" : "25445", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25445" "name": "25445",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25445"
"name" : "26235", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26235" "name": "25057",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/25057"
} },
} {
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "25025",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25025"
},
{
"name": "22968",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22968"
},
{
"name": "26235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26235"
}
]
}
}

180
2007/1xxx/CVE-2007-1651.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1651", "ID": "CVE-2007-1651",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in OpenID allows remote attackers to restore the login session of a user on an OpenID enabled site via unspecified vectors related to an arbitrary remote web site and cached tokens, after the user has signed into an OpenID server, logged into the OpenID enabled site, and then logged out of the OpenID enabled site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[security] 20070321 MyOpenID", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openid.net/pipermail/security/2007-March/000286.html" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in OpenID allows remote attackers to restore the login session of a user on an OpenID enabled site via unspecified vectors related to an arbitrary remote web site and cached tokens, after the user has signed into an OpenID server, logged into the OpenID enabled site, and then logged out of the OpenID enabled site."
{ }
"name" : "[security] 20070321 MyOpenID", ]
"refsource" : "MLIST", },
"url" : "http://openid.net/pipermail/security/2007-March/000288.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[security] 20070321 MyOpenID", "description": [
"refsource" : "MLIST", {
"url" : "http://openid.net/pipermail/security/2007-March/000291.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[security] 20070321 MyOpenID", ]
"refsource" : "MLIST", }
"url" : "http://openid.net/pipermail/security/2007-March/000306.html" ]
}, },
{ "references": {
"name" : "[security] 20070322 MyOpenID", "reference_data": [
"refsource" : "MLIST", {
"url" : "http://openid.net/pipermail/security/2007-March/000311.html" "name": "[security] 20070321 MyOpenID",
}, "refsource": "MLIST",
{ "url": "http://openid.net/pipermail/security/2007-March/000286.html"
"name" : "http://janrain.com/blog/2007/03/22/myopenid-security-fix/", },
"refsource" : "MISC", {
"url" : "http://janrain.com/blog/2007/03/22/myopenid-security-fix/" "name": "[security] 20070321 MyOpenID",
}, "refsource": "MLIST",
{ "url": "http://openid.net/pipermail/security/2007-March/000288.html"
"name" : "43600", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/43600" "name": "[security] 20070321 MyOpenID",
} "refsource": "MLIST",
] "url": "http://openid.net/pipermail/security/2007-March/000306.html"
} },
} {
"name": "[security] 20070322 MyOpenID",
"refsource": "MLIST",
"url": "http://openid.net/pipermail/security/2007-March/000311.html"
},
{
"name": "http://janrain.com/blog/2007/03/22/myopenid-security-fix/",
"refsource": "MISC",
"url": "http://janrain.com/blog/2007/03/22/myopenid-security-fix/"
},
{
"name": "43600",
"refsource": "OSVDB",
"url": "http://osvdb.org/43600"
},
{
"name": "[security] 20070321 MyOpenID",
"refsource": "MLIST",
"url": "http://openid.net/pipermail/security/2007-March/000291.html"
}
]
}
}

190
2007/5xxx/CVE-2007-5201.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5201", "ID": "CVE-2007-5201",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=442840", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=442840" "lang": "eng",
}, "value": "The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=293081", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=293081" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://duplicity.nongnu.org/CHANGELOG", "description": [
"refsource" : "CONFIRM", {
"url" : "http://duplicity.nongnu.org/CHANGELOG" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2008-1521", ]
"refsource" : "FEDORA", }
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00356.html" ]
}, },
{ "references": {
"name" : "FEDORA-2008-1584", "reference_data": [
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00445.html" "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=442840",
}, "refsource": "CONFIRM",
{ "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=442840"
"name" : "27771", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/27771" "name": "27771",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/27771"
"name" : "42339", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/42339" "name": "FEDORA-2008-1521",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00356.html"
"name" : "28917", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28917" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=293081",
} "refsource": "CONFIRM",
] "url": "https://bugzilla.redhat.com/show_bug.cgi?id=293081"
} },
} {
"name": "28917",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28917"
},
{
"name": "http://duplicity.nongnu.org/CHANGELOG",
"refsource": "CONFIRM",
"url": "http://duplicity.nongnu.org/CHANGELOG"
},
{
"name": "42339",
"refsource": "OSVDB",
"url": "http://osvdb.org/42339"
},
{
"name": "FEDORA-2008-1584",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00445.html"
}
]
}
}

150
2007/5xxx/CVE-2007-5251.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5251", "ID": "CVE-2007-5251",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 allow remote attackers to inject arbitrary web script or HTML via (1) the showOption parameter to domain.asp, or the (2) Folder or (3) StartPath parameter to FileManager.asp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels-team.blogspot.com/2007/10/helm-xss-vuln.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels-team.blogspot.com/2007/10/helm-xss-vuln.html" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 allow remote attackers to inject arbitrary web script or HTML via (1) the showOption parameter to domain.asp, or the (2) Folder or (3) StartPath parameter to FileManager.asp."
{ }
"name" : "25940", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25940" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "27080", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27080" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "helm-domain-filemanager-xss(36962)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36962" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://pridels-team.blogspot.com/2007/10/helm-xss-vuln.html",
"refsource": "MISC",
"url": "http://pridels-team.blogspot.com/2007/10/helm-xss-vuln.html"
},
{
"name": "25940",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25940"
},
{
"name": "helm-domain-filemanager-xss(36962)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36962"
},
{
"name": "27080",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27080"
}
]
}
}

180
2007/5xxx/CVE-2007-5488.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5488", "ID": "CVE-2007-5488",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons before 1.2.8, and 1.4.x before 1.4.4, allow remote attackers to execute arbitrary SQL commands via the (1) source and (2) destination numbers, and probably (3) SIP URI, when inserting a record."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071017 AST-2007-023: SQL Injection POC and details", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066744.html" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons before 1.2.8, and 1.4.x before 1.4.4, allow remote attackers to execute arbitrary SQL commands via the (1) source and (2) destination numbers, and probably (3) SIP URI, when inserting a record."
{ }
"name" : "http://downloads.digium.com/pub/security/AST-2007-023.html", ]
"refsource" : "CONFIRM", },
"url" : "http://downloads.digium.com/pub/security/AST-2007-023.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "26095", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26095" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37880", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/37880" ]
}, },
{ "references": {
"name" : "1018824", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018824" "name": "37880",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/37880"
"name" : "27278", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27278" "name": "asterisk-cdraddonmysql-sql-injection(37235)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37235"
"name" : "asterisk-cdraddonmysql-sql-injection(37235)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37235" "name": "1018824",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1018824"
} },
} {
"name": "27278",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27278"
},
{
"name": "http://downloads.digium.com/pub/security/AST-2007-023.html",
"refsource": "CONFIRM",
"url": "http://downloads.digium.com/pub/security/AST-2007-023.html"
},
{
"name": "26095",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26095"
},
{
"name": "20071017 AST-2007-023: SQL Injection POC and details",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066744.html"
}
]
}
}

34
2007/5xxx/CVE-2007-5881.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5881", "ID": "CVE-2007-5881",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2007/5xxx/CVE-2007-5998.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5998", "ID": "CVE-2007-5998",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in ads.php in Softbiz Ad Management plus Script 1 allows remote authenticated users to execute arbitrary SQL commands via the package parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4618", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4618" "lang": "eng",
}, "value": "SQL injection vulnerability in ads.php in Softbiz Ad Management plus Script 1 allows remote authenticated users to execute arbitrary SQL commands via the package parameter."
{ }
"name" : "26400", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/26400" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "softbiz-admanagement-ads-sql-injection(38400)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38400" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "26400",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26400"
},
{
"name": "softbiz-admanagement-ads-sql-injection(38400)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38400"
},
{
"name": "4618",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4618"
}
]
}
}

330
2015/3xxx/CVE-2015-3202.json
View File

@ -1,167 +1,167 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-3202", "ID": "CVE-2015-3202",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "37089", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/37089/" "lang": "eng",
}, "value": "fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature."
{ }
"name" : "[oss-security] 20150521 CVE-2015-3202 fuse privilege escalation", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2015/05/21/9" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://gist.github.com/taviso/ecb70eb12d461dd85cba", "description": [
"refsource" : "MISC", {
"url" : "https://gist.github.com/taviso/ecb70eb12d461dd85cba" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://twitter.com/taviso/status/601370527437967360", ]
"refsource" : "MISC", }
"url" : "https://twitter.com/taviso/status/601370527437967360" ]
}, },
{ "references": {
"name" : "http://packetstormsecurity.com/files/132021/Fuse-Local-Privilege-Escalation.html", "reference_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/132021/Fuse-Local-Privilege-Escalation.html" "name": "DSA-3268",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3268"
"name" : "DSA-3266", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3266" "name": "USN-2617-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2617-1"
"name" : "DSA-3268", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3268" "name": "FEDORA-2015-8771",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159543.html"
"name" : "FEDORA-2015-8751", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159831.html" "name": "FEDORA-2015-8782",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160094.html"
"name" : "FEDORA-2015-8756", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159683.html" "name": "FEDORA-2015-8751",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159831.html"
"name" : "FEDORA-2015-8771", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159543.html" "name": "1032386",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032386"
"name" : "FEDORA-2015-8773", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159298.html" "name": "https://gist.github.com/taviso/ecb70eb12d461dd85cba",
}, "refsource": "MISC",
{ "url": "https://gist.github.com/taviso/ecb70eb12d461dd85cba"
"name" : "FEDORA-2015-8777", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160106.html" "name": "74765",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/74765"
"name" : "FEDORA-2015-8782", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160094.html" "name": "FEDORA-2015-8773",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159298.html"
"name" : "GLSA-201603-04", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201603-04" "name": "openSUSE-SU-2015:1003",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00007.html"
"name" : "GLSA-201701-19", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-19" "name": "DSA-3266",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3266"
"name" : "openSUSE-SU-2015:0997", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-06/msg00005.html" "name": "GLSA-201603-04",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201603-04"
"name" : "openSUSE-SU-2015:1003", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-06/msg00007.html" "name": "USN-2617-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2617-2"
"name" : "USN-2617-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2617-1" "name": "FEDORA-2015-8777",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160106.html"
"name" : "USN-2617-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2617-2" "name": "FEDORA-2015-8756",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159683.html"
"name" : "USN-2617-3", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2617-3" "name": "GLSA-201701-19",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201701-19"
"name" : "74765", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74765" "name": "[oss-security] 20150521 CVE-2015-3202 fuse privilege escalation",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/05/21/9"
"name" : "1032386", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032386" "name": "openSUSE-SU-2015:0997",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00005.html"
} },
} {
"name": "http://packetstormsecurity.com/files/132021/Fuse-Local-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132021/Fuse-Local-Privilege-Escalation.html"
},
{
"name": "https://twitter.com/taviso/status/601370527437967360",
"refsource": "MISC",
"url": "https://twitter.com/taviso/status/601370527437967360"
},
{
"name": "37089",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37089/"
},
{
"name": "USN-2617-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2617-3"
}
]
}
}

150
2015/3xxx/CVE-2015-3204.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-3204", "ID": "CVE-2015-3204",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libreswan 3.9 through 3.12 allows remote attackers to cause a denial of service (daemon restart) via an IKEv1 packet with (1) unassigned bits set in the IPSEC DOI value or (2) the next payload value set to ISAKMP_NEXT_SAK."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://libreswan.org/security/CVE-2015-3204/CVE-2015-3204.txt", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://libreswan.org/security/CVE-2015-3204/CVE-2015-3204.txt" "lang": "eng",
}, "value": "libreswan 3.9 through 3.12 allows remote attackers to cause a denial of service (daemon restart) via an IKEv1 packet with (1) unassigned bits set in the IPSEC DOI value or (2) the next payload value set to ISAKMP_NEXT_SAK."
{ }
"name" : "GLSA-201603-13", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201603-13" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2015:1154", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1154.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "75392", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/75392" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://libreswan.org/security/CVE-2015-3204/CVE-2015-3204.txt",
"refsource": "CONFIRM",
"url": "https://libreswan.org/security/CVE-2015-3204/CVE-2015-3204.txt"
},
{
"name": "RHSA-2015:1154",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1154.html"
},
{
"name": "GLSA-201603-13",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-13"
},
{
"name": "75392",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75392"
}
]
}
}

250
2015/3xxx/CVE-2015-3233.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-3233", "ID": "CVE-2015-3233",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150704 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-100 to SA-CONTRIB-2015-131)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/07/04/4" "lang": "eng",
}, "value": "Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."
{ }
"name" : "https://www.drupal.org/node/2507729", ]
"refsource" : "MISC", },
"url" : "https://www.drupal.org/node/2507729" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.drupal.org/node/2507735", "description": [
"refsource" : "MISC", {
"url" : "https://www.drupal.org/node/2507735" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.drupal.org/node/2507741", ]
"refsource" : "MISC", }
"url" : "https://www.drupal.org/node/2507741" ]
}, },
{ "references": {
"name" : "https://www.drupal.org/SA-CORE-2015-002", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/SA-CORE-2015-002" "name": "FEDORA-2015-10189",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161265.html"
"name" : "https://www.drupal.org/node/2507535", },
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/node/2507535" "name": "https://www.drupal.org/node/2507741",
}, "refsource": "MISC",
{ "url": "https://www.drupal.org/node/2507741"
"name" : "https://www.drupal.org/node/2507555", },
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/node/2507555" "name": "75284",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/75284"
"name" : "https://www.drupal.org/node/2507561", },
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/node/2507561" "name": "https://www.drupal.org/node/2507735",
}, "refsource": "MISC",
{ "url": "https://www.drupal.org/node/2507735"
"name" : "DSA-3291", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3291" "name": "DSA-3291",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3291"
"name" : "FEDORA-2015-10189", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161265.html" "name": "FEDORA-2015-10290",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161261.html"
"name" : "FEDORA-2015-10290", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161261.html" "name": "75279",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/75279"
"name" : "75279", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75279" "name": "https://www.drupal.org/SA-CORE-2015-002",
}, "refsource": "CONFIRM",
{ "url": "https://www.drupal.org/SA-CORE-2015-002"
"name" : "75280", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75280" "name": "https://www.drupal.org/node/2507535",
}, "refsource": "CONFIRM",
{ "url": "https://www.drupal.org/node/2507535"
"name" : "75284", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75284" "name": "75280",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/75280"
} },
} {
"name": "https://www.drupal.org/node/2507561",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2507561"
},
{
"name": "https://www.drupal.org/node/2507555",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2507555"
},
{
"name": "[oss-security] 20150704 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-100 to SA-CONTRIB-2015-131)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/07/04/4"
},
{
"name": "https://www.drupal.org/node/2507729",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2507729"
}
]
}
}

160
2015/3xxx/CVE-2015-3391.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3391", "ID": "CVE-2015-3391",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote attackers to bypass intended access restrictions and obtain sensitive node titles by reading a 403 Not Found page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150205 CVE requests for Drupal contributed modules", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/02/05/16" "lang": "eng",
}, "value": "The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote attackers to bypass intended access restrictions and obtain sensitive node titles by reading a 403 Not Found page."
{ }
"name" : "https://www.drupal.org/node/2420139", ]
"refsource" : "MISC", },
"url" : "https://www.drupal.org/node/2420139" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.drupal.org/node/2420121", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/node/2420121" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "72569", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/72569" ]
}, },
{ "references": {
"name" : "pathbreadcrum-drupal-node-sec-bypass(100672)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100672" "name": "72569",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/72569"
} },
} {
"name": "https://www.drupal.org/node/2420139",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2420139"
},
{
"name": "pathbreadcrum-drupal-node-sec-bypass(100672)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100672"
},
{
"name": "[oss-security] 20150205 CVE requests for Drupal contributed modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/05/16"
},
{
"name": "https://www.drupal.org/node/2420121",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2420121"
}
]
}
}

34
2015/3xxx/CVE-2015-3544.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3544", "ID": "CVE-2015-3544",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2015/7xxx/CVE-2015-7059.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-7059", "ID": "CVE-2015-7059",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7060 and CVE-2015-7061."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT205637", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205637" "lang": "eng",
}, "value": "The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7060 and CVE-2015-7061."
{ }
"name" : "https://support.apple.com/HT205640", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT205640" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT205641", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205641" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-12-08-2", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2015-12-08-3", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" "name": "https://support.apple.com/HT205637",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT205637"
"name" : "APPLE-SA-2015-12-08-4", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" "name": "1034344",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1034344"
"name" : "1034344", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034344" "name": "APPLE-SA-2015-12-08-4",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html"
} },
} {
"name": "APPLE-SA-2015-12-08-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
},
{
"name": "https://support.apple.com/HT205641",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205641"
},
{
"name": "https://support.apple.com/HT205640",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205640"
},
{
"name": "APPLE-SA-2015-12-08-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html"
}
]
}
}

150
2015/7xxx/CVE-2015-7860.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7860", "ID": "CVE-2015-7860",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to execute arbitrary code by sending a large amount of data in an environment that lacks relationship-based firewalling."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://zerodayinitiative.com/advisories/ZDI-15-363/", "description_data": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-15-363/" "lang": "eng",
}, "value": "Stack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to execute arbitrary code by sending a large amount of data in an environment that lacks relationship-based firewalling."
{ }
"name" : "VU#966927", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/966927" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "75966", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75966" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033861", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033861" ]
} },
] "references": {
} "reference_data": [
} {
"name": "VU#966927",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/966927"
},
{
"name": "75966",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75966"
},
{
"name": "1033861",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033861"
},
{
"name": "http://zerodayinitiative.com/advisories/ZDI-15-363/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-15-363/"
}
]
}
}

120
2015/7xxx/CVE-2015-7904.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-7904", "ID": "CVE-2015-7904",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to execute arbitrary JSP code via vectors involving an upload of an image file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-02", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-02" "lang": "eng",
} "value": "Unrestricted file upload vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to execute arbitrary JSP code via vectors involving an upload of an image file."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-02"
}
]
}
}

34
2015/7xxx/CVE-2015-7955.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-7955", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-7955",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

34
2015/8xxx/CVE-2015-8114.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8114", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8114",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

34
2015/8xxx/CVE-2015-8176.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8176", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8176",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-8176. Reason: This candidate is a duplicate of CVE-2014-8176. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2014-8176 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-8176. Reason: This candidate is a duplicate of CVE-2014-8176. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2014-8176 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

140
2015/8xxx/CVE-2015-8373.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8373", "ID": "CVE-2015-8373",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kea-dhcp4 and kea-dhcp6 servers 0.9.2 and 1.0.0-beta in ISC Kea, when certain debugging settings are used, allow remote attackers to cause a denial of service (daemon crash) via a malformed packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://kb.isc.org/article/AA-01318", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://kb.isc.org/article/AA-01318" "lang": "eng",
}, "value": "The kea-dhcp4 and kea-dhcp6 servers 0.9.2 and 1.0.0-beta in ISC Kea, when certain debugging settings are used, allow remote attackers to cause a denial of service (daemon crash) via a malformed packet."
{ }
"name" : "FEDORA-2015-930b020175", ]
"refsource" : "FEDORA", },
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175218.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "FEDORA-2015-aa3a69bdc3", "description": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175337.html" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://kb.isc.org/article/AA-01318",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/article/AA-01318"
},
{
"name": "FEDORA-2015-aa3a69bdc3",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175337.html"
},
{
"name": "FEDORA-2015-930b020175",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175218.html"
}
]
}
}

120
2015/8xxx/CVE-2015-8507.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2015-8507", "ID": "CVE-2015-8507",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mediaserver in Android 6.0 before 2015-12-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 24157524, a different vulnerability than CVE-2015-6616, CVE-2015-8505, and CVE-2015-8506."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2015-12-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2015-12-01.html" "lang": "eng",
} "value": "mediaserver in Android 6.0 before 2015-12-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 24157524, a different vulnerability than CVE-2015-6616, CVE-2015-8505, and CVE-2015-8506."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2015-12-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2015-12-01.html"
}
]
}
}

190
2015/8xxx/CVE-2015-8721.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8721", "ID": "CVE-2015-8721",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-40.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-40.html" "lang": "eng",
}, "value": "Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression."
{ }
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11548", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11548" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cec0593ae6c3bca65eff65741c2a10f3de3e0afe", "description": [
"refsource" : "CONFIRM", {
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cec0593ae6c3bca65eff65741c2a10f3de3e0afe" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" ]
}, },
{ "references": {
"name" : "DSA-3505", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3505" "name": "http://www.wireshark.org/security/wnpa-sec-2015-40.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.wireshark.org/security/wnpa-sec-2015-40.html"
"name" : "GLSA-201604-05", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201604-05" "name": "DSA-3505",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3505"
"name" : "79814", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/79814" "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11548",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11548"
"name" : "1034551", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034551" "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cec0593ae6c3bca65eff65741c2a10f3de3e0afe",
} "refsource": "CONFIRM",
] "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cec0593ae6c3bca65eff65741c2a10f3de3e0afe"
} },
} {
"name": "79814",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79814"
},
{
"name": "GLSA-201604-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-05"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "1034551",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034551"
}
]
}
}

140
2015/8xxx/CVE-2015-8820.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-8820", "ID": "CVE-2015-8820",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8658."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-661", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-661" "lang": "eng",
}, "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8658."
{ }
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "84160", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/84160" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-661",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-661"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"name": "84160",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84160"
}
]
}
}

142
2015/9xxx/CVE-2015-9011.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"DATE_PUBLIC" : "2017-06-05T00:00:00", "DATE_PUBLIC": "2017-06-05T00:00:00",
"ID" : "CVE-2015-9011", "ID": "CVE-2015-9011",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android kernel" "version_value": "Android kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714882."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-06-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-06-01" "lang": "eng",
}, "value": "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714882."
{ }
"name" : "98874", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98874" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038623", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038623" "lang": "eng",
} "value": "Elevation of privilege"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-06-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-06-01"
},
{
"name": "98874",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98874"
},
{
"name": "1038623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038623"
}
]
}
}

380
2016/0xxx/CVE-2016-0402.json
View File

@ -1,192 +1,192 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0402", "ID": "CVE-2016-0402",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3465", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3465" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3458", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3458" ]
}, },
{ "references": {
"name" : "GLSA-201603-14", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201603-14" "name": "openSUSE-SU-2016:0272",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html"
"name" : "GLSA-201610-08", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201610-08" "name": "81096",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/81096"
"name" : "RHSA-2016:1430", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1430" "name": "1034715",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1034715"
"name" : "RHSA-2016:0049", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0049.html" "name": "openSUSE-SU-2016:0279",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html"
"name" : "RHSA-2016:0050", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0050.html" "name": "GLSA-201610-08",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201610-08"
"name" : "RHSA-2016:0053", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0053.html" "name": "USN-2884-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2884-1"
"name" : "RHSA-2016:0054", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0054.html" "name": "DSA-3465",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3465"
"name" : "RHSA-2016:0055", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0055.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
"name" : "RHSA-2016:0056", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0056.html" "name": "USN-2885-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2885-1"
"name" : "RHSA-2016:0057", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0057.html" "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
"name" : "RHSA-2016:0067", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0067.html" "name": "RHSA-2016:1430",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1430"
"name" : "SUSE-SU-2016:0256", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" "name": "RHSA-2016:0049",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html"
"name" : "SUSE-SU-2016:0265", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" "name": "openSUSE-SU-2016:0270",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
"name" : "SUSE-SU-2016:0269", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" "name": "RHSA-2016:0053",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html"
"name" : "openSUSE-SU-2016:0263", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" "name": "SUSE-SU-2016:0269",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html"
"name" : "openSUSE-SU-2016:0268", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" "name": "RHSA-2016:0067",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html"
"name" : "openSUSE-SU-2016:0270", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" "name": "openSUSE-SU-2016:0263",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html"
"name" : "openSUSE-SU-2016:0272", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" "name": "SUSE-SU-2016:0256",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html"
"name" : "openSUSE-SU-2016:0279", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" "name": "GLSA-201603-14",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201603-14"
"name" : "USN-2884-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2884-1" "name": "RHSA-2016:0057",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html"
"name" : "USN-2885-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2885-1" "name": "RHSA-2016:0055",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html"
"name" : "81096", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/81096" "name": "RHSA-2016:0054",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html"
"name" : "1034715", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034715" "name": "RHSA-2016:0056",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html"
} },
} {
"name": "openSUSE-SU-2016:0268",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html"
},
{
"name": "RHSA-2016:0050",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html"
},
{
"name": "DSA-3458",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3458"
},
{
"name": "SUSE-SU-2016:0265",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html"
}
]
}
}

510
2016/0xxx/CVE-2016-0686.json
View File

@ -1,257 +1,257 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0686", "ID": "CVE-2016-0686",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://security.netapp.com/advisory/ntap-20160420-0001/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://security.netapp.com/advisory/ntap-20160420-0001/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3558", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3558" ]
}, },
{ "references": {
"name" : "GLSA-201606-18", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201606-18" "name": "86473",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/86473"
"name" : "RHSA-2016:0701", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0701.html" "name": "openSUSE-SU-2016:1222",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html"
"name" : "RHSA-2016:0702", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0702.html" "name": "RHSA-2016:0677",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
"name" : "RHSA-2016:0708", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0708.html" "name": "SUSE-SU-2016:1299",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html"
"name" : "RHSA-2016:0716", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0716.html" "name": "RHSA-2016:1039",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1039.html"
"name" : "RHSA-2016:0723", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0723.html" "name": "RHSA-2016:0701",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0701.html"
"name" : "RHSA-2016:1430", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1430" "name": "USN-2972-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2972-1"
"name" : "RHSA-2016:1039", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1039.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
"name" : "RHSA-2016:0650", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0650.html" "name": "SUSE-SU-2016:1303",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html"
"name" : "RHSA-2016:0651", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0651.html" "name": "SUSE-SU-2016:1475",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html"
"name" : "RHSA-2016:0675", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0675.html" "name": "openSUSE-SU-2016:1235",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html"
"name" : "RHSA-2016:0676", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0676.html" "name": "openSUSE-SU-2016:1262",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html"
"name" : "RHSA-2016:0677", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0677.html" "name": "SUSE-SU-2016:1300",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html"
"name" : "RHSA-2016:0678", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0678.html" "name": "RHSA-2016:0676",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0676.html"
"name" : "RHSA-2016:0679", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0679.html" "name": "RHSA-2016:1430",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1430"
"name" : "RHSA-2017:1216", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1216" "name": "https://security.netapp.com/advisory/ntap-20160420-0001/",
}, "refsource": "CONFIRM",
{ "url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
"name" : "SUSE-SU-2016:1299", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html" "name": "RHSA-2016:0708",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0708.html"
"name" : "SUSE-SU-2016:1300", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html" "name": "RHSA-2016:0723",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0723.html"
"name" : "SUSE-SU-2016:1303", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html" "name": "RHSA-2016:0651",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0651.html"
"name" : "SUSE-SU-2016:1378", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html" "name": "SUSE-SU-2016:1378",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html"
"name" : "SUSE-SU-2016:1379", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html" "name": "SUSE-SU-2016:1248",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html"
"name" : "SUSE-SU-2016:1388", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html" "name": "SUSE-SU-2016:1379",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html"
"name" : "SUSE-SU-2016:1458", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html" "name": "USN-2964-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2964-1"
"name" : "SUSE-SU-2016:1475", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html" "name": "openSUSE-SU-2016:1230",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html"
"name" : "openSUSE-SU-2016:1222", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html" "name": "SUSE-SU-2016:1458",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html"
"name" : "openSUSE-SU-2016:1230", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html" "name": "GLSA-201606-18",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201606-18"
"name" : "openSUSE-SU-2016:1235", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html" "name": "RHSA-2016:0716",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0716.html"
"name" : "SUSE-SU-2016:1248", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html" "name": "1035596",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1035596"
"name" : "SUSE-SU-2016:1250", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html" "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
"name" : "openSUSE-SU-2016:1262", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html" "name": "openSUSE-SU-2016:1265",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html"
"name" : "openSUSE-SU-2016:1265", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html" "name": "USN-2963-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2963-1"
"name" : "USN-2963-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2963-1" "name": "RHSA-2016:0675",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0675.html"
"name" : "USN-2964-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2964-1" "name": "SUSE-SU-2016:1250",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html"
"name" : "USN-2972-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2972-1" "name": "SUSE-SU-2016:1388",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html"
"name" : "86473", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/86473" "name": "RHSA-2016:0702",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0702.html"
"name" : "1035596", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035596" "name": "RHSA-2016:0679",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
} },
} {
"name": "RHSA-2017:1216",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"name": "DSA-3558",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3558"
},
{
"name": "RHSA-2016:0678",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
},
{
"name": "RHSA-2016:0650",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0650.html"
}
]
}
}

540
2016/0xxx/CVE-2016-0714.json
View File

@ -1,272 +1,272 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-0714", "ID": "CVE-2016-0714",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that places a crafted object in a session."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160222 [SECURITY] CVE-2016-0714 Apache Tomcat Security Manager Bypass", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/bugtraq/2016/Feb/145" "lang": "eng",
}, "value": "The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that places a crafted object in a session."
{ }
"name" : "http://svn.apache.org/viewvc?view=revision&revision=1725263", ]
"refsource" : "CONFIRM", },
"url" : "http://svn.apache.org/viewvc?view=revision&revision=1725263" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://svn.apache.org/viewvc?view=revision&revision=1725914", "description": [
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/viewvc?view=revision&revision=1725914" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://svn.apache.org/viewvc?view=revision&revision=1726196", ]
"refsource" : "CONFIRM", }
"url" : "http://svn.apache.org/viewvc?view=revision&revision=1726196" ]
}, },
{ "references": {
"name" : "http://svn.apache.org/viewvc?view=revision&revision=1726203", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/viewvc?view=revision&revision=1726203" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964"
"name" : "http://svn.apache.org/viewvc?view=revision&revision=1726923", },
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/viewvc?view=revision&revision=1726923" "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
"name" : "http://svn.apache.org/viewvc?view=revision&revision=1727034", },
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/viewvc?view=revision&revision=1727034" "name": "GLSA-201705-09",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201705-09"
"name" : "http://svn.apache.org/viewvc?view=revision&revision=1727166", },
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/viewvc?view=revision&revision=1727166" "name": "http://svn.apache.org/viewvc?view=revision&revision=1726196",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc?view=revision&revision=1726196"
"name" : "http://svn.apache.org/viewvc?view=revision&revision=1727182", },
"refsource" : "CONFIRM", {
"url" : "http://svn.apache.org/viewvc?view=revision&revision=1727182" "name": "20160222 [SECURITY] CVE-2016-0714 Apache Tomcat Security Manager Bypass",
}, "refsource": "BUGTRAQ",
{ "url": "http://seclists.org/bugtraq/2016/Feb/145"
"name" : "http://tomcat.apache.org/security-6.html", },
"refsource" : "CONFIRM", {
"url" : "http://tomcat.apache.org/security-6.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
"name" : "http://tomcat.apache.org/security-7.html", },
"refsource" : "CONFIRM", {
"url" : "http://tomcat.apache.org/security-7.html" "name": "openSUSE-SU-2016:0865",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html"
"name" : "http://tomcat.apache.org/security-8.html", },
"refsource" : "CONFIRM", {
"url" : "http://tomcat.apache.org/security-8.html" "name": "http://tomcat.apache.org/security-9.html",
}, "refsource": "CONFIRM",
{ "url": "http://tomcat.apache.org/security-9.html"
"name" : "http://tomcat.apache.org/security-9.html", },
"refsource" : "CONFIRM", {
"url" : "http://tomcat.apache.org/security-9.html" "name": "USN-3024-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3024-1"
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442", },
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442" "name": "SUSE-SU-2016:0769",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html"
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626", },
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626" "name": "RHSA-2016:2045",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2045.html"
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", },
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964" "name": "http://svn.apache.org/viewvc?view=revision&revision=1725263",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc?view=revision&revision=1725263"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" "name": "DSA-3530",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3530"
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "name": "http://svn.apache.org/viewvc?view=revision&revision=1726923",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc?view=revision&revision=1726923"
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" "name": "http://svn.apache.org/viewvc?view=revision&revision=1727166",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc?view=revision&revision=1727166"
"name" : "https://bto.bluecoat.com/security-advisory/sa118", },
"refsource" : "CONFIRM", {
"url" : "https://bto.bluecoat.com/security-advisory/sa118" "name": "http://svn.apache.org/viewvc?view=revision&revision=1727034",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc?view=revision&revision=1727034"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" "name": "http://tomcat.apache.org/security-7.html",
}, "refsource": "CONFIRM",
{ "url": "http://tomcat.apache.org/security-7.html"
"name" : "https://security.netapp.com/advisory/ntap-20180531-0001/", },
"refsource" : "CONFIRM", {
"url" : "https://security.netapp.com/advisory/ntap-20180531-0001/" "name": "http://svn.apache.org/viewvc?view=revision&revision=1725914",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc?view=revision&revision=1725914"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "name": "HPSBUX03561",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=145974991225029&w=2"
"name" : "DSA-3530", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3530" "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
"name" : "DSA-3609", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3609" "name": "1037640",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1037640"
"name" : "DSA-3552", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3552" "name": "RHSA-2016:1089",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
"name" : "GLSA-201705-09", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201705-09" "name": "http://tomcat.apache.org/security-8.html",
}, "refsource": "CONFIRM",
{ "url": "http://tomcat.apache.org/security-8.html"
"name" : "HPSBUX03561", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=145974991225029&w=2" "name": "RHSA-2016:1087",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1087"
"name" : "RHSA-2016:2045", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2045.html" "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
"name" : "RHSA-2016:1087", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1087" "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
"name" : "RHSA-2016:1088", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1088" "name": "1035069",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1035069"
"name" : "RHSA-2016:1089", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1089.html" "name": "https://bto.bluecoat.com/security-advisory/sa118",
}, "refsource": "CONFIRM",
{ "url": "https://bto.bluecoat.com/security-advisory/sa118"
"name" : "RHSA-2016:2599", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2599.html" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442"
"name" : "RHSA-2016:2807", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2807.html" "name": "RHSA-2016:2807",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2807.html"
"name" : "RHSA-2016:2808", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2808.html" "name": "RHSA-2016:1088",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1088"
"name" : "SUSE-SU-2016:0769", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html" "name": "https://security.netapp.com/advisory/ntap-20180531-0001/",
}, "refsource": "CONFIRM",
{ "url": "https://security.netapp.com/advisory/ntap-20180531-0001/"
"name" : "SUSE-SU-2016:0822", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html" "name": "http://tomcat.apache.org/security-6.html",
}, "refsource": "CONFIRM",
{ "url": "http://tomcat.apache.org/security-6.html"
"name" : "SUSE-SU-2016:0839", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00082.html" "name": "RHSA-2016:2808",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2808.html"
"name" : "openSUSE-SU-2016:0865", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html" "name": "http://svn.apache.org/viewvc?view=revision&revision=1726203",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc?view=revision&revision=1726203"
"name" : "USN-3024-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3024-1" "name": "SUSE-SU-2016:0822",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html"
"name" : "83327", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/83327" "name": "http://svn.apache.org/viewvc?view=revision&revision=1727182",
}, "refsource": "CONFIRM",
{ "url": "http://svn.apache.org/viewvc?view=revision&revision=1727182"
"name" : "1035069", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035069" "name": "83327",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/83327"
"name" : "1037640", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037640" "name": "RHSA-2016:2599",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2016-2599.html"
} },
} {
"name": "DSA-3609",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3609"
},
{
"name": "SUSE-SU-2016:0839",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00082.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626"
},
{
"name": "DSA-3552",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3552"
}
]
}
}

160
2016/1xxx/CVE-2016-1417.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-1417", "ID": "CVE-2016-1417",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tcapi.dll that is located in the same folder on a remote file share as a pcap file that is being processed."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20161012 Snort v2.9.7.0-WIN32 DLL Hijack", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/539579/100/0/threaded" "lang": "eng",
}, "value": "Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tcapi.dll that is located in the same folder on a remote file share as a pcap file that is being processed."
{ }
"name" : "http://hyp3rlinx.altervista.org/advisories/SNORT-DLL-HIJACK.txt", ]
"refsource" : "MISC", },
"url" : "http://hyp3rlinx.altervista.org/advisories/SNORT-DLL-HIJACK.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/138915/Snort-2.9.7.0-WIN32-DLL-Hijacking.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/138915/Snort-2.9.7.0-WIN32-DLL-Hijacking.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "93269", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/93269" ]
}, },
{ "references": {
"name" : "1036936", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036936" "name": "1036936",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1036936"
} },
} {
"name": "http://hyp3rlinx.altervista.org/advisories/SNORT-DLL-HIJACK.txt",
"refsource": "MISC",
"url": "http://hyp3rlinx.altervista.org/advisories/SNORT-DLL-HIJACK.txt"
},
{
"name": "93269",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93269"
},
{
"name": "http://packetstormsecurity.com/files/138915/Snort-2.9.7.0-WIN32-DLL-Hijacking.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138915/Snort-2.9.7.0-WIN32-DLL-Hijacking.html"
},
{
"name": "20161012 Snort v2.9.7.0-WIN32 DLL Hijack",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/539579/100/0/threaded"
}
]
}
}

34
2016/1xxx/CVE-2016-1553.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1553", "ID": "CVE-2016-1553",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2016/1xxx/CVE-2016-1874.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1874", "ID": "CVE-2016-1874",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2016/5xxx/CVE-2016-5042.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5042", "ID": "CVE-2016-5042",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160524 CVE request: Multiple vunerabilities in libdwarf & dwarfdump", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/05/24/1" "lang": "eng",
}, "value": "The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section."
{ }
"name" : "[oss-security] 20160524 Re: CVE request: Multiple vunerabilities in libdwarf & dwarfdump", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/05/25/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1332145", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1332145" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.prevanders.net/dwarfbug.html", ]
"refsource" : "CONFIRM", }
"url" : "https://www.prevanders.net/dwarfbug.html" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://www.prevanders.net/dwarfbug.html",
"refsource": "CONFIRM",
"url": "https://www.prevanders.net/dwarfbug.html"
},
{
"name": "[oss-security] 20160524 CVE request: Multiple vunerabilities in libdwarf & dwarfdump",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/24/1"
},
{
"name": "[oss-security] 20160524 Re: CVE request: Multiple vunerabilities in libdwarf & dwarfdump",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/25/1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1332145",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332145"
}
]
}
}

130
2016/5xxx/CVE-2016-5374.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5374", "ID": "CVE-2016-5374",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "NetApp Data ONTAP 9.0 and 9.1 before 9.1P1 allows remote authenticated users that own SMB-hosted data to bypass intended sharing restrictions by leveraging improper handling of the owner_rights ACL entry."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://kb.netapp.com/support/s/article/ka51A00000007IBQAY/NTAP-20170228-0002?language=en_US", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://kb.netapp.com/support/s/article/ka51A00000007IBQAY/NTAP-20170228-0002?language=en_US" "lang": "eng",
}, "value": "NetApp Data ONTAP 9.0 and 9.1 before 9.1P1 allows remote authenticated users that own SMB-hosted data to bypass intended sharing restrictions by leveraging improper handling of the owner_rights ACL entry."
{ }
"name" : "96524", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/96524" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netapp.com/support/s/article/ka51A00000007IBQAY/NTAP-20170228-0002?language=en_US",
"refsource": "CONFIRM",
"url": "https://kb.netapp.com/support/s/article/ka51A00000007IBQAY/NTAP-20170228-0002?language=en_US"
},
{
"name": "96524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96524"
}
]
}
}

150
2016/5xxx/CVE-2016-5451.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-5451", "ID": "CVE-2016-5451",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality and integrity via vectors related to EAI, a different vulnerability than CVE-2016-5468."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality and integrity via vectors related to EAI, a different vulnerability than CVE-2016-5468."
{ }
"name" : "91787", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91787" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "91954", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91954" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1036400", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1036400" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1036400",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036400"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "91954",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91954"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
}
]
}
}

130
2016/5xxx/CVE-2016-5818.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2016-5818", "ID": "CVE-2016-5818",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Schneider Electric PowerLogic 2.651 and older", "product_name": "Schneider Electric PowerLogic 2.651 and older",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Schneider Electric PowerLogic 2.651 and older" "version_value": "Schneider Electric PowerLogic 2.651 and older"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Undocumented hard-coded credentials allow access to the device."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Schneider Electric PowerLogic PM8ECC Hard-coded Password Vulnerability"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-292-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-292-01" "lang": "eng",
}, "value": "An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older. Undocumented hard-coded credentials allow access to the device."
{ }
"name" : "93602", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93602" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Schneider Electric PowerLogic PM8ECC Hard-coded Password Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-292-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-292-01"
},
{
"name": "93602",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93602"
}
]
}
}

318
2019/0xxx/CVE-2019-0001.json
View File

@ -1,161 +1,161 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "sirt@juniper.net", "ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC" : "2019-01-09T17:00:00.000Z", "DATE_PUBLIC": "2019-01-09T17:00:00.000Z",
"ID" : "CVE-2019-0001", "ID": "CVE-2019-0001",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Junos OS: MX Series: uncontrolled recursion and crash in Broadband Edge subscriber management daemon (bbe-smgd)." "TITLE": "Junos OS: MX Series: uncontrolled recursion and crash in Broadband Edge subscriber management daemon (bbe-smgd)."
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Junos OS", "product_name": "Junos OS",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"platform" : "MX Series", "platform": "MX Series",
"version_name" : "16.1", "version_name": "16.1",
"version_value" : "16.1R7-S1" "version_value": "16.1R7-S1"
}, },
{ {
"affected" : "<", "affected": "<",
"platform" : "MX Series", "platform": "MX Series",
"version_name" : "16.2", "version_name": "16.2",
"version_value" : "16.2R2-S7" "version_value": "16.2R2-S7"
}, },
{ {
"affected" : "<", "affected": "<",
"platform" : "MX Series", "platform": "MX Series",
"version_name" : "17.1", "version_name": "17.1",
"version_value" : "17.1R2-S10, 17.1R3" "version_value": "17.1R2-S10, 17.1R3"
}, },
{ {
"affected" : "<", "affected": "<",
"platform" : "MX Series", "platform": "MX Series",
"version_name" : "17.2", "version_name": "17.2",
"version_value" : "17.2R3" "version_value": "17.2R3"
}, },
{ {
"affected" : "<", "affected": "<",
"platform" : "MX Series", "platform": "MX Series",
"version_name" : "17.3", "version_name": "17.3",
"version_value" : "17.3R3-S1" "version_value": "17.3R3-S1"
}, },
{ {
"affected" : "<", "affected": "<",
"platform" : "MX Series", "platform": "MX Series",
"version_name" : "17.4", "version_name": "17.4",
"version_value" : "17.4R2" "version_value": "17.4R2"
}, },
{ {
"affected" : "<", "affected": "<",
"platform" : "MX Series", "platform": "MX Series",
"version_name" : "18.1", "version_name": "18.1",
"version_value" : "18.1R3" "version_value": "18.1R3"
}, },
{ {
"affected" : "<", "affected": "<",
"platform" : "MX Series", "platform": "MX Series",
"version_name" : "18.2", "version_name": "18.2",
"version_value" : "18.2R2" "version_value": "18.2R2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Juniper Networks" "vendor_name": "Juniper Networks"
} }
]
}
},
"configuration" : [
{
"lang" : "eng",
"value" : "This issue can only occur on MX Series devices with dynamic vlan configuration."
}
],
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon (bbe-smgd), and lead to high CPU usage and a crash of the bbe-smgd service. Repeated receipt of the same packet can result in an extended denial of service condition for the device. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S1; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S1; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2."
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-674: Uncontrolled Recursion"
}
] ]
} }
] },
}, "configuration": [
"references" : { {
"reference_data" : [ "lang": "eng",
{ "value": "This issue can only occur on MX Series devices with dynamic vlan configuration."
"name" : "https://kb.juniper.net/JSA10900", }
"refsource" : "CONFIRM", ],
"url" : "https://kb.juniper.net/JSA10900" "data_format": "MITRE",
}, "data_type": "CVE",
{ "data_version": "4.0",
"name" : "106541", "description": {
"refsource" : "BID", "description_data": [
"url" : "http://www.securityfocus.com/bid/106541" {
} "lang": "eng",
] "value": "Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon (bbe-smgd), and lead to high CPU usage and a crash of the bbe-smgd service. Repeated receipt of the same packet can result in an extended denial of service condition for the device. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S1; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S1; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2."
}, }
"solution" : [ ]
{ },
"lang" : "eng", "exploit": [
"value" : "The following Junos OS releases have been updated to resolve this specific issue: 16.1R7-S1, 16.2R2-S7, 17.1R2-S10, 17.1R3, 17.2R3, 17.3R3-S1, 17.4R2, 18.1R3, 18.2R2, 18.3R1, and all subsequent releases.\n" {
} "lang": "eng",
], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"source" : { }
"advisory" : "JSA10900", ],
"defect" : [ "impact": {
"1356474" "cvss": {
], "attackComplexity": "LOW",
"discovery" : "USER" "attackVector": "NETWORK",
}, "availabilityImpact": "HIGH",
"work_around" : [ "baseScore": 7.5,
{ "baseSeverity": "HIGH",
"lang" : "eng", "confidentialityImpact": "NONE",
"value" : "There are no viable workarounds for this issue." "integrityImpact": "NONE",
} "privilegesRequired": "NONE",
] "scope": "UNCHANGED",
} "userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-674: Uncontrolled Recursion"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10900",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10900"
},
{
"name": "106541",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106541"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following Junos OS releases have been updated to resolve this specific issue: 16.1R7-S1, 16.2R2-S7, 17.1R2-S10, 17.1R3, 17.2R3, 17.3R3-S1, 17.4R2, 18.1R3, 18.2R2, 18.3R1, and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA10900",
"defect": [
"1356474"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
}

150
2019/0xxx/CVE-2019-0262.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cna@sap.com", "ASSIGNER": "cna@sap.com",
"ID" : "CVE-2019-0262", "ID": "CVE-2019-0262",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SAP WebIntelligence BILaunchPad (Enterprise)", "product_name": "SAP WebIntelligence BILaunchPad (Enterprise)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_name" : "<", "version_name": "<",
"version_value" : "4.10" "version_value": "4.10"
}, },
{ {
"version_name" : "<", "version_name": "<",
"version_value" : "4.20" "version_value": "4.20"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SAP SE" "vendor_name": "SAP SE"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not sufficiently encode user-controlled inputs in generated HTML reports, resulting in Cross-Site Scripting (XSS) vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://launchpad.support.sap.com/#/notes/2696714", "description_data": [
"refsource" : "MISC", {
"url" : "https://launchpad.support.sap.com/#/notes/2696714" "lang": "eng",
}, "value": "SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not sufficiently encode user-controlled inputs in generated HTML reports, resulting in Cross-Site Scripting (XSS) vulnerability."
{ }
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943", ]
"refsource" : "MISC", },
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "106998", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/106998" "lang": "eng",
} "value": "Cross-Site Scripting"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
},
{
"name": "106998",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106998"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2696714",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2696714"
}
]
}
}

34
2019/0xxx/CVE-2019-0301.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0301", "ID": "CVE-2019-0301",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0945.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0945", "ID": "CVE-2019-0945",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1089.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1089", "ID": "CVE-2019-1089",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1136.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1136", "ID": "CVE-2019-1136",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1254.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1254", "ID": "CVE-2019-1254",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1526.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1526", "ID": "CVE-2019-1526",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

196
2019/1xxx/CVE-2019-1607.json
View File

@ -1,100 +1,100 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC" : "2019-03-06T16:00:00-0800", "DATE_PUBLIC": "2019-03-06T16:00:00-0800",
"ID" : "CVE-2019-1607", "ID": "CVE-2019-1607",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1607)" "TITLE": "Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1607)"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Nexus 7000 and 7700 Series Switches", "product_name": "Nexus 7000 and 7700 Series Switches",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "6.2(22)" "version_value": "6.2(22)"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "7.3(3)D1(1)" "version_value": "7.3(3)D1(1)"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "8.2(3)" "version_value": "8.2(3)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cisco" "vendor_name": "Cisco"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(22), 7.3(3)D1(1), and 8.2(3)."
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact" : {
"cvss" : {
"baseScore" : "4.2",
"vectorString" : "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L ",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-77"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20190306 Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1607)", "description_data": [
"refsource" : "CISCO", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1607" "lang": "eng",
}, "value": "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability. Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(22), 7.3(3)D1(1), and 8.2(3)."
{ }
"name" : "107393", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/107393" "exploit": [
} {
] "lang": "eng",
}, "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
"source" : { }
"advisory" : "cisco-sa-20190306-nxos-cmdinj-1607", ],
"defect" : [ "impact": {
[ "cvss": {
"CSCvi01416" "baseScore": "4.2",
] "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L ",
], "version": "3.0"
"discovery" : "INTERNAL" }
} },
} "problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190306 Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1607)",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-cmdinj-1607"
},
{
"name": "107393",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107393"
}
]
},
"source": {
"advisory": "cisco-sa-20190306-nxos-cmdinj-1607",
"defect": [
[
"CSCvi01416"
]
],
"discovery": "INTERNAL"
}
}

34
2019/4xxx/CVE-2019-4652.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4652", "ID": "CVE-2019-4652",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4780.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4780", "ID": "CVE-2019-4780",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4967.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4967", "ID": "CVE-2019-4967",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5369.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5369", "ID": "CVE-2019-5369",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5394.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5394", "ID": "CVE-2019-5394",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5494.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5494", "ID": "CVE-2019-5494",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5536.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5536", "ID": "CVE-2019-5536",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8446.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8446", "ID": "CVE-2019-8446",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8860.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8860", "ID": "CVE-2019-8860",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2019/9xxx/CVE-2019-9062.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9062", "ID": "CVE-2019-9062",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Request Forgery (CSRF) in my-account.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://hackingvila.wordpress.com/2019/02/19/php-scripts-mall-online-food-ordering-script-has-cross-site-request-forgery-csrf-php-script-mall/", "description_data": [
"refsource" : "MISC", {
"url" : "https://hackingvila.wordpress.com/2019/02/19/php-scripts-mall-online-food-ordering-script-has-cross-site-request-forgery-csrf-php-script-mall/" "lang": "eng",
} "value": "PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Request Forgery (CSRF) in my-account.php."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackingvila.wordpress.com/2019/02/19/php-scripts-mall-online-food-ordering-script-has-cross-site-request-forgery-csrf-php-script-mall/",
"refsource": "MISC",
"url": "https://hackingvila.wordpress.com/2019/02/19/php-scripts-mall-online-food-ordering-script-has-cross-site-request-forgery-csrf-php-script-mall/"
}
]
}
}

34
2019/9xxx/CVE-2019-9091.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9091", "ID": "CVE-2019-9091",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2019/9xxx/CVE-2019-9574.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9574", "ID": "CVE-2019-9574",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The WP Human Resource Management plugin before 2.2.6 for WordPress does not ensure that a leave modification occurs in the context of the Administrator or HR Manager role."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://wordpress.org/plugins/hrm/#developers", "description_data": [
"refsource" : "MISC", {
"url" : "https://wordpress.org/plugins/hrm/#developers" "lang": "eng",
} "value": "The WP Human Resource Management plugin before 2.2.6 for WordPress does not ensure that a leave modification occurs in the context of the Administrator or HR Manager role."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/hrm/#developers",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/hrm/#developers"
}
]
}
}

120
2019/9xxx/CVE-2019-9617.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9617", "ID": "CVE-2019-9617",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/ueditor/uploadFile URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.seebug.org/vuldb/ssvid-97831", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.seebug.org/vuldb/ssvid-97831" "lang": "eng",
} "value": "An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/ueditor/uploadFile URI."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.seebug.org/vuldb/ssvid-97831",
"refsource": "MISC",
"url": "https://www.seebug.org/vuldb/ssvid-97831"
}
]
}
}