admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:56:27 +00:00
parent 751cb51d70
commit df0fdd01d7
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
62 changed files with 3589 additions and 3589 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

128
2007/0xxx/CVE-2007-0622.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0622", "ID": "CVE-2007-0622",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in MyBB (aka MyBulletinBoard) 1.2.2 allows remote attackers to send messages to arbitrary users. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "32968", "description_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32968" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in MyBB (aka MyBulletinBoard) 1.2.2 allows remote attackers to send messages to arbitrary users. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "23934", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/23934" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "23934",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23934"
},
{
"name": "32968",
"refsource": "OSVDB",
"url": "http://osvdb.org/32968"
}
]
}
} }

168
2007/0xxx/CVE-2007-0865.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0865", "ID": "CVE-2007-0865",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in comments.php in LushiNews 1.01 and earlier allows remote authenticated users to inject arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3287", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3287" "lang": "eng",
}, "value": "SQL injection vulnerability in comments.php in LushiNews 1.01 and earlier allows remote authenticated users to inject arbitrary SQL commands via the id parameter."
{ }
"name" : "22469", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22469" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0539", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0539" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33134", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/33134" ]
}, },
{ "references": {
"name" : "24081", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24081" "name": "3287",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/3287"
"name" : "lushinews-comments-sql-injection(32360)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32360" "name": "lushinews-comments-sql-injection(32360)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32360"
} },
{
"name": "22469",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22469"
},
{
"name": "24081",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24081"
},
{
"name": "ADV-2007-0539",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0539"
},
{
"name": "33134",
"refsource": "OSVDB",
"url": "http://osvdb.org/33134"
}
]
}
} }

158
2007/0xxx/CVE-2007-0901.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0901", "ID": "CVE-2007-0901",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Info pages in MoinMoin 1.5.7 allow remote attackers to inject arbitrary web script or HTML via the (1) hitcounts and (2) general parameters, different vectors than CVE-2007-0857. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "USN-423-1", "description_data": [
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-423-1" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Info pages in MoinMoin 1.5.7 allow remote attackers to inject arbitrary web script or HTML via the (1) hitcounts and (2) general parameters, different vectors than CVE-2007-0857. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "22515", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22515" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "33172", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33172" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24138", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/24138" ]
}, },
{ "references": {
"name" : "24244", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24244" "name": "24138",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24138"
} },
{
"name": "33172",
"refsource": "OSVDB",
"url": "http://osvdb.org/33172"
},
{
"name": "USN-423-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-423-1"
},
{
"name": "22515",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22515"
},
{
"name": "24244",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24244"
}
]
}
} }

32
2007/0xxx/CVE-2007-0990.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2007-0990", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2007-0990",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none."
} }
] ]
} }
} }

32
2007/1xxx/CVE-2007-1336.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1336", "ID": "CVE-2007-1336",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

158
2007/1xxx/CVE-2007-1481.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1481", "ID": "CVE-2007-1481",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in WBBlog allows remote attackers to execute arbitrary SQL commands via the e_id parameter in a viewentry cmd."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3490", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3490" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in WBBlog allows remote attackers to execute arbitrary SQL commands via the e_id parameter in a viewentry cmd."
{ }
"name" : "22998", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22998" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-1001", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1001" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24532", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/24532" ]
}, },
{ "references": {
"name" : "wbblog-viewentry-sql-injection(33010)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33010" "name": "3490",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/3490"
} },
{
"name": "ADV-2007-1001",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1001"
},
{
"name": "24532",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24532"
},
{
"name": "wbblog-viewentry-sql-injection(33010)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33010"
},
{
"name": "22998",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22998"
}
]
}
} }

178
2007/3xxx/CVE-2007-3261.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3261", "ID": "CVE-2007-3261",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in widgets/widget_search.php in dKret before 2.6 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://dkret.svn.sourceforge.net/viewvc/dkret/trunk/widgets/widget_search.php?r1=275&r2=281", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://dkret.svn.sourceforge.net/viewvc/dkret/trunk/widgets/widget_search.php?r1=275&r2=281" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in widgets/widget_search.php in dKret before 2.6 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF)."
{ }
"name" : "http://sourceforge.net/project/shownotes.php?release_id=516770&group_id=185847", ]
"refsource" : "CONFIRM", },
"url" : "http://sourceforge.net/project/shownotes.php?release_id=516770&group_id=185847" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "24518", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24518" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-2243", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/2243" ]
}, },
{ "references": {
"name" : "36373", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36373" "name": "http://sourceforge.net/project/shownotes.php?release_id=516770&group_id=185847",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/project/shownotes.php?release_id=516770&group_id=185847"
"name" : "25731", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25731" "name": "24518",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/24518"
"name" : "dkret-widgetsearch-xss(34930)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34930" "name": "http://dkret.svn.sourceforge.net/viewvc/dkret/trunk/widgets/widget_search.php?r1=275&r2=281",
} "refsource": "CONFIRM",
] "url": "http://dkret.svn.sourceforge.net/viewvc/dkret/trunk/widgets/widget_search.php?r1=275&r2=281"
} },
{
"name": "dkret-widgetsearch-xss(34930)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34930"
},
{
"name": "25731",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25731"
},
{
"name": "36373",
"refsource": "OSVDB",
"url": "http://osvdb.org/36373"
},
{
"name": "ADV-2007-2243",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2243"
}
]
}
} }

188
2007/3xxx/CVE-2007-3356.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3356", "ID": "CVE-2007-3356",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "NetClassifieds Premium Edition allows remote attackers to obtain sensitive information via certain requests that reveal the path in an error message, related to the display_errors setting in (1) Common.php and (2) imageresizer.php, and (3) the use of __FILE__ in error reporting by imageresizer.php; and (4) via certain requests that reveal the table name and complete query, related to the Halt_On_Error setting in Mysql_db.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070621 NetClassifieds [multiple vulnerabilities]", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/471944/100/0/threaded" "lang": "eng",
}, "value": "NetClassifieds Premium Edition allows remote attackers to obtain sensitive information via certain requests that reveal the path in an error message, related to the display_errors setting in (1) Common.php and (2) imageresizer.php, and (3) the use of __FILE__ in error reporting by imageresizer.php; and (4) via certain requests that reveal the table name and complete query, related to the Halt_On_Error setting in Mysql_db.php."
{ }
"name" : "24584", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24584" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "38564", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38564" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "38565", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/38565" ]
}, },
{ "references": {
"name" : "38566", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38566" "name": "20070621 NetClassifieds [multiple vulnerabilities]",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/471944/100/0/threaded"
"name" : "38567", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38567" "name": "netclassifieds-multi-information-disclosure(34997)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34997"
"name" : "2824", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2824" "name": "24584",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/24584"
"name" : "netclassifieds-multi-information-disclosure(34997)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34997" "name": "38565",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/38565"
} },
{
"name": "38566",
"refsource": "OSVDB",
"url": "http://osvdb.org/38566"
},
{
"name": "38567",
"refsource": "OSVDB",
"url": "http://osvdb.org/38567"
},
{
"name": "2824",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2824"
},
{
"name": "38564",
"refsource": "OSVDB",
"url": "http://osvdb.org/38564"
}
]
}
} }

168
2007/3xxx/CVE-2007-3401.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3401", "ID": "CVE-2007-3401",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in footer.inc.php in B1G b1gBB 2.24 allows remote attackers to execute arbitrary PHP code via a URL in the tfooter parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4102", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4102" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in footer.inc.php in B1G b1gBB 2.24 allows remote attackers to execute arbitrary PHP code via a URL in the tfooter parameter."
{ }
"name" : "24624", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24624" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-2321", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2321" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36291", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/36291" ]
}, },
{ "references": {
"name" : "25837", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25837" "name": "25837",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25837"
"name" : "b1gbb-footerinc-file-include(35035)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35035" "name": "b1gbb-footerinc-file-include(35035)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35035"
} },
{
"name": "ADV-2007-2321",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2321"
},
{
"name": "24624",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24624"
},
{
"name": "4102",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4102"
},
{
"name": "36291",
"refsource": "OSVDB",
"url": "http://osvdb.org/36291"
}
]
}
} }

158
2007/3xxx/CVE-2007-3578.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3578", "ID": "CVE-2007-3578",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHPIDS before 20070703 does not properly handle (1) arithmetic expressions and (2) unclosed comments, which allows remote attackers to inject arbitrary web script."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sla.ckers.org/forum/read.php?2,13209,13218", "description_data": [
"refsource" : "MISC", {
"url" : "http://sla.ckers.org/forum/read.php?2,13209,13218" "lang": "eng",
}, "value": "PHPIDS before 20070703 does not properly handle (1) arithmetic expressions and (2) unclosed comments, which allows remote attackers to inject arbitrary web script."
{ }
"name" : "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0", ]
"refsource" : "CONFIRM", },
"url" : "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "45757", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/45757" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "45758", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/45758" ]
}, },
{ "references": {
"name" : "phpids-arithmetic-unclosed-xss(35519)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35519" "name": "45757",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/45757"
} },
{
"name": "http://sla.ckers.org/forum/read.php?2,13209,13218",
"refsource": "MISC",
"url": "http://sla.ckers.org/forum/read.php?2,13209,13218"
},
{
"name": "45758",
"refsource": "OSVDB",
"url": "http://osvdb.org/45758"
},
{
"name": "phpids-arithmetic-unclosed-xss(35519)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35519"
},
{
"name": "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0",
"refsource": "CONFIRM",
"url": "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0"
}
]
}
} }

188
2007/3xxx/CVE-2007-3783.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3783", "ID": "CVE-2007-3783",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in default.asp in enVivo!CMS allows remote attackers to execute arbitrary SQL commands via the ID parameter in an article action. NOTE: this is probably different from CVE-2005-1413.4."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070711 durito: enVivo!CMS SQL injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/473355/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in default.asp in enVivo!CMS allows remote attackers to execute arbitrary SQL commands via the ID parameter in an article action. NOTE: this is probably different from CVE-2005-1413.4."
{ }
"name" : "20070711 durito: enVivo!CMS SQL injection", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064555.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://securityvulns.ru/Rdocument425.html", "description": [
"refsource" : "MISC", {
"url" : "http://securityvulns.ru/Rdocument425.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-2503", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/2503" ]
}, },
{ "references": {
"name" : "36246", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36246" "name": "envivocms-default-sql-injection(35342)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35342"
"name" : "26020", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26020" "name": "2897",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2897"
"name" : "2897", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2897" "name": "36246",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/36246"
"name" : "envivocms-default-sql-injection(35342)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35342" "name": "26020",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/26020"
} },
{
"name": "20070711 durito: enVivo!CMS SQL injection",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064555.html"
},
{
"name": "20070711 durito: enVivo!CMS SQL injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/473355/100/0/threaded"
},
{
"name": "http://securityvulns.ru/Rdocument425.html",
"refsource": "MISC",
"url": "http://securityvulns.ru/Rdocument425.html"
},
{
"name": "ADV-2007-2503",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2503"
}
]
}
} }

188
2007/3xxx/CVE-2007-3880.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3880", "ID": "CVE-2007-3880",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071102 Sun Microsystems Solaris srsexec Format String Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=610" "lang": "eng",
}, "value": "Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog."
{ }
"name" : "103119", ]
"refsource" : "SUNALERT", },
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103119-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "200581", "description": [
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200581-1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26313", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/26313" ]
}, },
{ "references": {
"name" : "ADV-2007-3711", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3711" "name": "103119",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103119-1"
"name" : "40836", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/40836" "name": "40836",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/40836"
"name" : "1018893", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018893" "name": "1018893",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1018893"
"name" : "27512", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27512" "name": "26313",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/26313"
} },
{
"name": "ADV-2007-3711",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3711"
},
{
"name": "27512",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27512"
},
{
"name": "200581",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200581-1"
},
{
"name": "20071102 Sun Microsystems Solaris srsexec Format String Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=610"
}
]
}
} }

148
2007/3xxx/CVE-2007-3976.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3976", "ID": "CVE-2007-3976",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in bwired allows remote attackers to execute arbitrary SQL commands via the newsID parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4213", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4213" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in bwired allows remote attackers to execute arbitrary SQL commands via the newsID parameter."
{ }
"name" : "ADV-2007-2612", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2007/2612" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "39135", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39135" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "bwired-index-sql-injection(35540)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35540" ]
} },
] "references": {
} "reference_data": [
{
"name": "4213",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4213"
},
{
"name": "ADV-2007-2612",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2612"
},
{
"name": "39135",
"refsource": "OSVDB",
"url": "http://osvdb.org/39135"
},
{
"name": "bwired-index-sql-injection(35540)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35540"
}
]
}
} }

178
2007/4xxx/CVE-2007-4339.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4339", "ID": "CVE-2007-4339",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter in (1) poll.php and (2) pollarchive.php. NOTE: a reliable third party states that this issue is resultant from a variable extraction error in functions.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070812 PHPCentral Poll Script Remote Command Execution Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/476261/100/0/threaded" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter in (1) poll.php and (2) pollarchive.php. NOTE: a reliable third party states that this issue is resultant from a variable extraction error in functions.php."
{ }
"name" : "20070820 Re: PHPCentral Poll Script Remote Command Execution Vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/477179/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-2878", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2878" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36418", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/36418" ]
}, },
{ "references": {
"name" : "36419", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36419" "name": "20070820 Re: PHPCentral Poll Script Remote Command Execution Vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/477179/100/0/threaded"
"name" : "26434", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26434" "name": "26434",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26434"
"name" : "3008", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3008" "name": "20070812 PHPCentral Poll Script Remote Command Execution Vulnerability",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/476261/100/0/threaded"
} },
{
"name": "ADV-2007-2878",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2878"
},
{
"name": "3008",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3008"
},
{
"name": "36418",
"refsource": "OSVDB",
"url": "http://osvdb.org/36418"
},
{
"name": "36419",
"refsource": "OSVDB",
"url": "http://osvdb.org/36419"
}
]
}
} }

188
2007/4xxx/CVE-2007-4390.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4390", "ID": "CVE-2007-4390",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Command Line Interface (CLI), aka Adonis Administration Console, on the BlueCat Networks Adonis DNS/DHCP appliance 5.0.2.8 allows local admin users to gain root privileges on the underlying operating system via shell metacharacters in a command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070816 TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/476785/100/0/threaded" "lang": "eng",
}, "value": "The Command Line Interface (CLI), aka Adonis Administration Console, on the BlueCat Networks Adonis DNS/DHCP appliance 5.0.2.8 allows local admin users to gain root privileges on the underlying operating system via shell metacharacters in a command."
{ }
"name" : "20070820 Re: TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/477163/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25342", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25342" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "39398", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/39398" ]
}, },
{ "references": {
"name" : "1018584", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018584" "name": "26495",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26495"
"name" : "26495", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26495" "name": "25342",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25342"
"name" : "3025", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3025" "name": "adonis-dnsdhcpcli-privilege-escalation(36082)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36082"
"name" : "adonis-dnsdhcpcli-privilege-escalation(36082)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36082" "name": "1018584",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1018584"
} },
{
"name": "3025",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3025"
},
{
"name": "20070816 TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/476785/100/0/threaded"
},
{
"name": "39398",
"refsource": "OSVDB",
"url": "http://osvdb.org/39398"
},
{
"name": "20070820 Re: TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477163/100/0/threaded"
}
]
}
} }

148
2007/4xxx/CVE-2007-4820.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4820", "ID": "CVE-2007-4820",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attackers to read arbitrary local files, and possibly execute local PHP scripts, via the nmf parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4380", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4380" "lang": "eng",
}, "value": "Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attackers to read arbitrary local files, and possibly execute local PHP scripts, via the nmf parameter."
{ }
"name" : "25605", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25605" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "39017", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39017" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "sisfokampus-nmf-file-include(36533)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36533" ]
} },
] "references": {
} "reference_data": [
{
"name": "25605",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25605"
},
{
"name": "39017",
"refsource": "OSVDB",
"url": "http://osvdb.org/39017"
},
{
"name": "4380",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4380"
},
{
"name": "sisfokampus-nmf-file-include(36533)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36533"
}
]
}
} }

168
2007/4xxx/CVE-2007-4962.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4962", "ID": "CVE-2007-4962",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in WinImage 8.10 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a filename within a (1) .IMG or (2) .ISO file. NOTE: this can be leveraged for code execution by writing to a Startup folder."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070915 WinImage 8.10 vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/479695/100/0/threaded" "lang": "eng",
}, "value": "Directory traversal vulnerability in WinImage 8.10 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a filename within a (1) .IMG or (2) .ISO file. NOTE: this can be leveraged for code execution by writing to a Startup folder."
{ }
"name" : "25687", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25687" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "40550", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/40550" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26832", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/26832" ]
}, },
{ "references": {
"name" : "3140", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3140" "name": "20070915 WinImage 8.10 vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/479695/100/0/threaded"
"name" : "winimage-imgiso-directory-traversal(36663)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36663" "name": "40550",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/40550"
} },
{
"name": "3140",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3140"
},
{
"name": "winimage-imgiso-directory-traversal(36663)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36663"
},
{
"name": "25687",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25687"
},
{
"name": "26832",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26832"
}
]
}
} }

138
2014/5xxx/CVE-2014-5637.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5637", "ID": "CVE-2014-5637",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Eu Sei (aka com.guilardi.eusei) application eusei_android_5.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Eu Sei (aka com.guilardi.eusei) application eusei_android_5.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#716257", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/716257" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#716257",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/716257"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
} }

308
2015/2xxx/CVE-2015-2628.json
View File

@ -1,157 +1,157 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-2628", "ID": "CVE-2015-2628",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA."
{ }
"name" : "DSA-3339", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2015/dsa-3339" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3316", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3316" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201603-11", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201603-11" ]
}, },
{ "references": {
"name" : "GLSA-201603-14", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201603-14" "name": "RHSA-2015:1243",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
"name" : "RHSA-2015:1526", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1526.html" "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
"name" : "RHSA-2015:1228", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1228.html" "name": "75796",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/75796"
"name" : "RHSA-2015:1229", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1229.html" "name": "RHSA-2015:1229",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
"name" : "RHSA-2015:1230", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1230.html" "name": "1032910",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032910"
"name" : "RHSA-2015:1241", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1241.html" "name": "USN-2706-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2706-1"
"name" : "RHSA-2015:1242", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1242.html" "name": "RHSA-2015:1526",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
"name" : "RHSA-2015:1243", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1243.html" "name": "openSUSE-SU-2015:1289",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
"name" : "SUSE-SU-2015:1319", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html" "name": "RHSA-2015:1228",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
"name" : "SUSE-SU-2015:1320", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html" "name": "DSA-3316",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3316"
"name" : "openSUSE-SU-2015:1288", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html" "name": "GLSA-201603-11",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201603-11"
"name" : "openSUSE-SU-2015:1289", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html" "name": "GLSA-201603-14",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201603-14"
"name" : "USN-2696-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2696-1" "name": "USN-2696-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2696-1"
"name" : "USN-2706-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2706-1" "name": "DSA-3339",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3339"
"name" : "75796", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75796" "name": "RHSA-2015:1242",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
"name" : "1032910", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032910" "name": "SUSE-SU-2015:1319",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
} },
{
"name": "SUSE-SU-2015:1320",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "openSUSE-SU-2015:1288",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "RHSA-2015:1241",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name": "RHSA-2015:1230",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
}
]
}
} }

348
2015/2xxx/CVE-2015-2725.json
View File

@ -1,177 +1,177 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2015-2725", "ID": "CVE-2015-2725",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-59.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-59.html" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1056410", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1056410" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1151650", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1151650" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1156861", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1156861" ]
}, },
{ "references": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1159321", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1159321" "name": "openSUSE-SU-2015:1229",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1159973", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1159973" "name": "RHSA-2015:1455",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1455.html"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1163359", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1163359" "name": "SUSE-SU-2015:1268",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1163852", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1163852" "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-59.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-59.html"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1172076", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1172076" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1163359",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1163359"
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1172397", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1172397" "name": "GLSA-201512-10",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201512-10"
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1159973",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1159973"
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" "name": "75541",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/75541"
"name" : "GLSA-201512-10", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201512-10" "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
"name" : "RHSA-2015:1455", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1455.html" "name": "1032784",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032784"
"name" : "RHSA-2015:1207", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1207.html" "name": "RHSA-2015:1207",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1207.html"
"name" : "SUSE-SU-2015:1268", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html" "name": "SUSE-SU-2015:1269",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html"
"name" : "SUSE-SU-2015:1269", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1172076",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1172076"
"name" : "SUSE-SU-2015:1449", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1151650",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1151650"
"name" : "openSUSE-SU-2015:1229", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1163852",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1163852"
"name" : "USN-2656-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2656-1" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1159321",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1159321"
"name" : "USN-2656-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2656-2" "name": "USN-2656-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2656-1"
"name" : "75541", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75541" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1172397",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1172397"
"name" : "1032783", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032783" "name": "SUSE-SU-2015:1449",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html"
"name" : "1032784", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032784" "name": "1032783",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1032783"
} },
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1056410",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1056410"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1156861",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1156861"
},
{
"name": "USN-2656-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2656-2"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
} }

218
2015/6xxx/CVE-2015-6246.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6246", "ID": "CVE-2015-6246",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-26.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-26.html" "lang": "eng",
}, "value": "The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
{ }
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5523726e6960fe9d7e301376fd7a94599f65fd42", "description": [
"refsource" : "CONFIRM", {
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5523726e6960fe9d7e301376fd7a94599f65fd42" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" ]
}, },
{ "references": {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" "name": "FEDORA-2015-13945",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html"
"name" : "DSA-3367", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3367" "name": "1033272",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033272"
"name" : "FEDORA-2015-13945", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
"name" : "FEDORA-2015-13946", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html" "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358"
"name" : "openSUSE-SU-2015:1836", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html" "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5523726e6960fe9d7e301376fd7a94599f65fd42",
}, "refsource": "CONFIRM",
{ "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5523726e6960fe9d7e301376fd7a94599f65fd42"
"name" : "76381", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76381" "name": "76381",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/76381"
"name" : "1033272", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033272" "name": "FEDORA-2015-13946",
} "refsource": "FEDORA",
] "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html"
} },
{
"name": "DSA-3367",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3367"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2015-26.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2015-26.html"
},
{
"name": "openSUSE-SU-2015:1836",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
} }

138
2015/6xxx/CVE-2015-6352.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-6352", "ID": "CVE-2015-6352",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco Unified Communications Domain Manager before 10.6(1) provides different error messages for pathname access attempts depending on whether the pathname exists, which allows remote attackers to map a filesystem via a series of requests, aka Bug ID CSCut67891."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20151028 Cisco Unified Communications Domain Manager URI Enumeration Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151027-ucd" "lang": "eng",
}, "value": "Cisco Unified Communications Domain Manager before 10.6(1) provides different error messages for pathname access attempts depending on whether the pathname exists, which allows remote attackers to map a filesystem via a series of requests, aka Bug ID CSCut67891."
{ }
"name" : "77341", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/77341" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1034022", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034022" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1034022",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034022"
},
{
"name": "20151028 Cisco Unified Communications Domain Manager URI Enumeration Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151027-ucd"
},
{
"name": "77341",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77341"
}
]
}
} }

158
2015/6xxx/CVE-2015-6826.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6826", "ID": "CVE-2015-6826",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted (1) RV30 or (2) RV40 RealVideo data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20181220 [SECURITY] [DLA 1611-1] libav security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html" "lang": "eng",
}, "value": "The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted (1) RV30 or (2) RV40 RealVideo data."
{ }
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a", ]
"refsource" : "CONFIRM", },
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://ffmpeg.org/security.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://ffmpeg.org/security.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "USN-2944-1", ]
"refsource" : "UBUNTU", }
"url" : "http://www.ubuntu.com/usn/USN-2944-1" ]
}, },
{ "references": {
"name" : "1033483", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033483" "name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a",
} "refsource": "CONFIRM",
] "url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a"
} },
{
"name": "USN-2944-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2944-1"
},
{
"name": "[debian-lts-announce] 20181220 [SECURITY] [DLA 1611-1] libav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html"
},
{
"name": "1033483",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033483"
},
{
"name": "http://ffmpeg.org/security.html",
"refsource": "CONFIRM",
"url": "http://ffmpeg.org/security.html"
}
]
}
} }

128
2015/6xxx/CVE-2015-6849.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2015-6849", "ID": "CVE-2015-6849",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20151203 ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/bugtraq/2015/Dec/18" "lang": "eng",
}, "value": "EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages."
{ }
"name" : "1034287", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034287" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034287",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034287"
},
{
"name": "20151203 ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2015/Dec/18"
}
]
}
} }

32
2015/6xxx/CVE-2015-6897.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-6897", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-6897",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

158
2015/6xxx/CVE-2015-6973.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6973", "ID": "CVE-2015-6973",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via a crafted request to user-password.jsp, (2) add users via a crafted request to user-create.jsp, (3) edit server settings or (4) disable SSL on the server via a crafted request to server-props.jsp, or (5) add clients via a crafted request to plugins/clientcontrol/permitted-clients.jsp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150915 Openfire 3.10.2 CSRF Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/536470/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via a crafted request to user-password.jsp, (2) add users via a crafted request to user-create.jsp, (3) edit server settings or (4) disable SSL on the server via a crafted request to server-props.jsp, or (5) add clients via a crafted request to plugins/clientcontrol/permitted-clients.jsp."
{ }
"name" : "38192", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/38192/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt", "description": [
"refsource" : "MISC", {
"url" : "http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://packetstormsecurity.com/files/133554/Openfire-3.10.2-Cross-Site-Request-Forgery.html", ]
"refsource" : "MISC", }
"url" : "http://packetstormsecurity.com/files/133554/Openfire-3.10.2-Cross-Site-Request-Forgery.html" ]
}, },
{ "references": {
"name" : "GLSA-201612-50", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201612-50" "name": "20150915 Openfire 3.10.2 CSRF Vulnerabilities",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/536470/100/0/threaded"
} },
{
"name": "GLSA-201612-50",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-50"
},
{
"name": "http://packetstormsecurity.com/files/133554/Openfire-3.10.2-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/133554/Openfire-3.10.2-Cross-Site-Request-Forgery.html"
},
{
"name": "http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt",
"refsource": "MISC",
"url": "http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt"
},
{
"name": "38192",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38192/"
}
]
}
} }

32
2015/7xxx/CVE-2015-7355.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7355", "ID": "CVE-2015-7355",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

178
2015/7xxx/CVE-2015-7647.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-7647", "ID": "CVE-2015-7647",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2015-7648."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "38969", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/38969/" "lang": "eng",
}, "value": "Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2015-7648."
{ }
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-27.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-27.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201511-02", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201511-02" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2015:2024", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2024.html" ]
}, },
{ "references": {
"name" : "RHSA-2015:1913", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1913.html" "name": "RHSA-2015:1913",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1913.html"
"name" : "77115", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77115" "name": "38969",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/38969/"
"name" : "1033850", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033850" "name": "RHSA-2015:2024",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2015-2024.html"
} },
{
"name": "77115",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77115"
},
{
"name": "1033850",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033850"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-27.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-27.html"
},
{
"name": "GLSA-201511-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201511-02"
}
]
}
} }

128
2015/7xxx/CVE-2015-7650.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-7650", "ID": "CVE-2015-7650",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted CMAP table in a PDF document, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-534", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-534" "lang": "eng",
}, "value": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted CMAP table in a PDF document, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622."
{ }
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-534",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-534"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
}
]
}
} }

118
2015/7xxx/CVE-2015-7732.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7732", "ID": "CVE-2015-7732",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.info-sec.ca/advisories/Avira-Mobile-Security.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.info-sec.ca/advisories/Avira-Mobile-Security.html" "lang": "eng",
} "value": "The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.info-sec.ca/advisories/Avira-Mobile-Security.html",
"refsource": "MISC",
"url": "https://www.info-sec.ca/advisories/Avira-Mobile-Security.html"
}
]
}
} }

128
2016/0xxx/CVE-2016-0012.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-0012", "ID": "CVE-2016-0012",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office 2016, Excel 2016, PowerPoint 2016, Visio 2016, Word 2016, and Visual Basic 6.0 Runtime allow remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka \"Microsoft Office ASLR Bypass.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS16-004", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-004" "lang": "eng",
}, "value": "Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office 2016, Excel 2016, PowerPoint 2016, Visio 2016, Word 2016, and Visual Basic 6.0 Runtime allow remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka \"Microsoft Office ASLR Bypass.\""
{ }
"name" : "1034651", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034651" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS16-004",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-004"
},
{
"name": "1034651",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034651"
}
]
}
} }

416
2016/0xxx/CVE-2016-0373.json
View File

@ -1,211 +1,211 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2016-11-14T00:00:00", "DATE_PUBLIC": "2016-11-14T00:00:00",
"ID" : "CVE-2016-0373", "ID": "CVE-2016-0373",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "UrbanCode Deploy", "product_name": "UrbanCode Deploy",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.1.0.2" "version_value": "6.1.0.2"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.1.1" "version_value": "6.0.1.1"
}, },
{ {
"version_value" : "6.0.1.2" "version_value": "6.0.1.2"
}, },
{ {
"version_value" : "6.0.1.3" "version_value": "6.0.1.3"
}, },
{ {
"version_value" : "6.0.1.4" "version_value": "6.0.1.4"
}, },
{ {
"version_value" : "6.0.1.5" "version_value": "6.0.1.5"
}, },
{ {
"version_value" : "6.0.1.6" "version_value": "6.0.1.6"
}, },
{ {
"version_value" : "6.1" "version_value": "6.1"
}, },
{ {
"version_value" : "6.1.0.1" "version_value": "6.1.0.1"
}, },
{ {
"version_value" : "6.1.0.3" "version_value": "6.1.0.3"
}, },
{ {
"version_value" : "6.0.1.7" "version_value": "6.0.1.7"
}, },
{ {
"version_value" : "6.0.1.8" "version_value": "6.0.1.8"
}, },
{ {
"version_value" : "6.1.0.4" "version_value": "6.1.0.4"
}, },
{ {
"version_value" : "6.1.1" "version_value": "6.1.1"
}, },
{ {
"version_value" : "6.1.1.1" "version_value": "6.1.1.1"
}, },
{ {
"version_value" : "6.1.1.2" "version_value": "6.1.1.2"
}, },
{ {
"version_value" : "6.1.1.3" "version_value": "6.1.1.3"
}, },
{ {
"version_value" : "6.1.1.4" "version_value": "6.1.1.4"
}, },
{ {
"version_value" : "6.1.1.5" "version_value": "6.1.1.5"
}, },
{ {
"version_value" : "6.0.1.9" "version_value": "6.0.1.9"
}, },
{ {
"version_value" : "6.1.1.6" "version_value": "6.1.1.6"
}, },
{ {
"version_value" : "6.1.1.7" "version_value": "6.1.1.7"
}, },
{ {
"version_value" : "6.1.2" "version_value": "6.1.2"
}, },
{ {
"version_value" : "6.0.1.10" "version_value": "6.0.1.10"
}, },
{ {
"version_value" : "6.0.1.11" "version_value": "6.0.1.11"
}, },
{ {
"version_value" : "6.1.1.8" "version_value": "6.1.1.8"
}, },
{ {
"version_value" : "6.1.3" "version_value": "6.1.3"
}, },
{ {
"version_value" : "6.1.3.1" "version_value": "6.1.3.1"
}, },
{ {
"version_value" : "6.2" "version_value": "6.2"
}, },
{ {
"version_value" : "6.2.0.1" "version_value": "6.2.0.1"
}, },
{ {
"version_value" : "6.0.1.12" "version_value": "6.0.1.12"
}, },
{ {
"version_value" : "6.1.3.2" "version_value": "6.1.3.2"
}, },
{ {
"version_value" : "6.2.0.2" "version_value": "6.2.0.2"
}, },
{ {
"version_value" : "6.2.1" "version_value": "6.2.1"
}, },
{ {
"version_value" : "6.0.1.13" "version_value": "6.0.1.13"
}, },
{ {
"version_value" : "6.2.1.1" "version_value": "6.2.1.1"
}, },
{ {
"version_value" : "6.0.1.14" "version_value": "6.0.1.14"
}, },
{ {
"version_value" : "6.1.3.3" "version_value": "6.1.3.3"
}, },
{ {
"version_value" : "6.2.2" "version_value": "6.2.2"
}, },
{ {
"version_value" : "6.2.2.1" "version_value": "6.2.2.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "H",
"AV" : "N",
"C" : "L",
"I" : "N",
"PR" : "L",
"S" : "U",
"SCORE" : "3.100",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg2C1000219", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg2C1000219" "lang": "eng",
}, "value": "IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119."
{ }
"name" : "ibm-ucd-cve20160373-info-disc(112119)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/112119" "impact": {
} "cvssv3": {
] "BM": {
} "A": "N",
"AC": "H",
"AV": "N",
"C": "L",
"I": "N",
"PR": "L",
"S": "U",
"SCORE": "3.100",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg2C1000219",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg2C1000219"
},
{
"name": "ibm-ucd-cve20160373-info-disc(112119)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/112119"
}
]
}
} }

124
2016/1000xxx/CVE-2016-1000271.json
View File

@ -1,65 +1,65 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2019-02-04T11:22:33", "DATE_ASSIGNED": "2019-02-04T11:22:33",
"DATE_REQUESTED" : "2019-02-04T11:22:33", "DATE_REQUESTED": "2019-02-04T11:22:33",
"ID" : "CVE-2016-1000271", "ID": "CVE-2016-1000271",
"REQUESTER" : "kurt@seifried.org", "REQUESTER": "kurt@seifried.org",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Joomla extension DT Register", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5)" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Joomla extension DT Register" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQL injection in \"/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events\". This attack appears to be exploitable if the attacker can reach the web server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "SQL Injection"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://packetstormsecurity.com/files/140141/Joomla-DT-Register-SQL-Injection.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://packetstormsecurity.com/files/140141/Joomla-DT-Register-SQL-Injection.html" "lang": "eng",
} "value": "Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQL injection in \"/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events\". This attack appears to be exploitable if the attacker can reach the web server."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://packetstormsecurity.com/files/140141/Joomla-DT-Register-SQL-Injection.html",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/140141/Joomla-DT-Register-SQL-Injection.html"
}
]
}
} }

178
2016/10xxx/CVE-2016-10002.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10002", "ID": "CVE-2016-10002",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161217 Re: CVE Request - squid HTTP proxy multiple Information Disclosure issues", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/12/18/1" "lang": "eng",
}, "value": "Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information."
{ }
"name" : "http://www.squid-cache.org/Advisories/SQUID-2016_11.txt", ]
"refsource" : "CONFIRM", },
"url" : "http://www.squid-cache.org/Advisories/SQUID-2016_11.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3745", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3745" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2017:0182", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0182.html" ]
}, },
{ "references": {
"name" : "RHSA-2017:0183", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0183.html" "name": "http://www.squid-cache.org/Advisories/SQUID-2016_11.txt",
}, "refsource": "CONFIRM",
{ "url": "http://www.squid-cache.org/Advisories/SQUID-2016_11.txt"
"name" : "94953", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94953" "name": "1037513",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1037513"
"name" : "1037513", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037513" "name": "[oss-security] 20161217 Re: CVE Request - squid HTTP proxy multiple Information Disclosure issues",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2016/12/18/1"
} },
{
"name": "RHSA-2017:0183",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0183.html"
},
{
"name": "RHSA-2017:0182",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0182.html"
},
{
"name": "94953",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94953"
},
{
"name": "DSA-3745",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3745"
}
]
}
} }

128
2016/10xxx/CVE-2016-10117.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10117", "ID": "CVE-2016-10117",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20170105 Re: Firejail local root exploit", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2017/01/05/4" "lang": "eng",
}, "value": "Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc."
{ }
"name" : "[oss-security] 20170106 Re: Firejail local root exploit", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2017/01/06/2" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20170105 Re: Firejail local root exploit",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/05/4"
},
{
"name": "[oss-security] 20170106 Re: Firejail local root exploit",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/06/2"
}
]
}
} }

218
2016/10xxx/CVE-2016-10200.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-10200", "ID": "CVE-2016-10200",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef" "lang": "eng",
}, "value": "Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c."
{ }
"name" : "http://source.android.com/security/bulletin/2017-03-01.html", ]
"refsource" : "CONFIRM", },
"url" : "http://source.android.com/security/bulletin/2017-03-01.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/torvalds/linux/commit/32c231164b762dddefa13af5a0101032c70b50ef", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/torvalds/linux/commit/32c231164b762dddefa13af5a0101032c70b50ef" ]
}, },
{ "references": {
"name" : "RHSA-2017:1842", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1842" "name": "https://github.com/torvalds/linux/commit/32c231164b762dddefa13af5a0101032c70b50ef",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/torvalds/linux/commit/32c231164b762dddefa13af5a0101032c70b50ef"
"name" : "RHSA-2017:2077", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:2077" "name": "1037965",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1037965"
"name" : "RHSA-2017:2437", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:2437" "name": "RHSA-2017:2437",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:2437"
"name" : "RHSA-2017:2444", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:2444" "name": "1037968",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1037968"
"name" : "101783", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/101783" "name": "RHSA-2017:2444",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:2444"
"name" : "1037965", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037965" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef"
"name" : "1037968", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037968" "name": "http://source.android.com/security/bulletin/2017-03-01.html",
} "refsource": "CONFIRM",
] "url": "http://source.android.com/security/bulletin/2017-03-01.html"
} },
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14"
},
{
"name": "101783",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101783"
},
{
"name": "RHSA-2017:2077",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:1842",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
}
]
}
} }

32
2016/4xxx/CVE-2016-4012.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4012", "ID": "CVE-2016-4012",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2016/4xxx/CVE-2016-4039.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4039", "ID": "CVE-2016-4039",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2019/2xxx/CVE-2019-2555.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2019-2555", "ID": "CVE-2019-2555",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "VM VirtualBox", "product_name": "VM VirtualBox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "5.2.24" "version_value": "5.2.24"
}, },
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "6.0.2" "version_value": "6.0.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)."
{ }
"name" : "106568", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106568" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "106568",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106568"
}
]
}
} }

32
2019/2xxx/CVE-2019-2709.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2709", "ID": "CVE-2019-2709",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/3xxx/CVE-2019-3022.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3022", "ID": "CVE-2019-3022",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/3xxx/CVE-2019-3101.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3101", "ID": "CVE-2019-3101",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/3xxx/CVE-2019-3143.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3143", "ID": "CVE-2019-3143",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/3xxx/CVE-2019-3260.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3260", "ID": "CVE-2019-3260",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/3xxx/CVE-2019-3383.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3383", "ID": "CVE-2019-3383",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/4xxx/CVE-2019-4703.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4703", "ID": "CVE-2019-4703",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/6xxx/CVE-2019-6055.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6055", "ID": "CVE-2019-6055",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/6xxx/CVE-2019-6639.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6639", "ID": "CVE-2019-6639",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/6xxx/CVE-2019-6692.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6692", "ID": "CVE-2019-6692",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/6xxx/CVE-2019-6725.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6725", "ID": "CVE-2019-6725",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

118
2019/7xxx/CVE-2019-7153.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7153", "ID": "CVE-2019-7153",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A NULL pointer dereference was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/WebAssembly/binaryen/issues/1879", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/WebAssembly/binaryen/issues/1879" "lang": "eng",
} "value": "A NULL pointer dereference was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/WebAssembly/binaryen/issues/1879",
"refsource": "MISC",
"url": "https://github.com/WebAssembly/binaryen/issues/1879"
}
]
}
} }

32
2019/7xxx/CVE-2019-7281.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7281", "ID": "CVE-2019-7281",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

118
2019/7xxx/CVE-2019-7336.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7336", "ID": "CVE-2019-7336",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view _monitor_filters.php contains takes in input from the user and saves it into the session, and retrieves it later (insecurely). The values of the MonitorName and Source parameters are being displayed without any output filtration being applied. This relates to the view=cycle value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/ZoneMinder/zoneminder/issues/2457", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/ZoneMinder/zoneminder/issues/2457" "lang": "eng",
} "value": "Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view _monitor_filters.php contains takes in input from the user and saves it into the session, and retrieves it later (insecurely). The values of the MonitorName and Source parameters are being displayed without any output filtration being applied. This relates to the view=cycle value."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/ZoneMinder/zoneminder/issues/2457",
"refsource": "MISC",
"url": "https://github.com/ZoneMinder/zoneminder/issues/2457"
}
]
}
} }

32
2019/7xxx/CVE-2019-7529.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7529", "ID": "CVE-2019-7529",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/8xxx/CVE-2019-8072.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8072", "ID": "CVE-2019-8072",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/8xxx/CVE-2019-8081.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8081", "ID": "CVE-2019-8081",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/8xxx/CVE-2019-8714.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8714", "ID": "CVE-2019-8714",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/8xxx/CVE-2019-8898.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8898", "ID": "CVE-2019-8898",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2019/9xxx/CVE-2019-9109.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9109", "ID": "CVE-2019-9109",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "XSS exists in WUZHI CMS 4.1.0 via index.php?m=message&f=message&v=add&username=[XSS] to coreframe/app/message/message.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://gist.github.com/redeye5/57ccafea7263efec67c82b0503c72480", "description_data": [
"refsource" : "MISC", {
"url" : "https://gist.github.com/redeye5/57ccafea7263efec67c82b0503c72480" "lang": "eng",
}, "value": "XSS exists in WUZHI CMS 4.1.0 via index.php?m=message&f=message&v=add&username=[XSS] to coreframe/app/message/message.php."
{ }
"name" : "https://github.com/wuzhicms/wuzhicms/issues/172", ]
"refsource" : "MISC", },
"url" : "https://github.com/wuzhicms/wuzhicms/issues/172" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/wuzhicms/wuzhicms/issues/172",
"refsource": "MISC",
"url": "https://github.com/wuzhicms/wuzhicms/issues/172"
},
{
"name": "https://gist.github.com/redeye5/57ccafea7263efec67c82b0503c72480",
"refsource": "MISC",
"url": "https://gist.github.com/redeye5/57ccafea7263efec67c82b0503c72480"
}
]
}
} }

32
2019/9xxx/CVE-2019-9380.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9380", "ID": "CVE-2019-9380",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/9xxx/CVE-2019-9674.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9674", "ID": "CVE-2019-9674",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/9xxx/CVE-2019-9701.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9701", "ID": "CVE-2019-9701",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }