admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 01:15:34 +00:00
parent cf346002e6
commit dfe827e47c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
55 changed files with 2988 additions and 2988 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
2007/0xxx/CVE-2007-0485.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0485",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0485",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in defines.php in WebChat 0.77 allows remote attackers to execute arbitrary PHP code via a URL in the WEBCHATPATH parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in defines.php in WebChat 0.77 allows remote attackers to execute arbitrary PHP code via a URL in the WEBCHATPATH parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20030303 WebChat (PHP)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/313610/30/25700/threaded"
"name": "3169",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3169"
},
{
"name" : "3169",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3169"
"name": "webchat-definesphp-file-include(31624)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31624"
},
{
"name" : "7000",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/7000"
"name": "20030303 WebChat (PHP)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/313610/30/25700/threaded"
},
{
"name" : "1006193",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1006193"
"name": "8206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8206"
},
{
"name" : "8206",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/8206"
"name": "1006193",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1006193"
},
{
"name" : "webchat-definesphp-file-include(31624)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31624"
"name": "7000",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7000"
}
]
}

104
2007/0xxx/CVE-2007-0873.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0873",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0873",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "nabopoll 1.1.2 allows remote attackers to bypass authentication and access certain administrative functionality via a direct request for (1) config_edit.php, (2) template_edit.php, or (3) survey_edit.php in admin/."
"lang": "eng",
"value": "nabopoll 1.1.2 allows remote attackers to bypass authentication and access certain administrative functionality via a direct request for (1) config_edit.php, (2) template_edit.php, or (3) survey_edit.php in admin/."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070210 nabopoll 1.1.2 sensitive file (admin without password)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/459655/100/0/threaded"
"name": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2643",
"refsource": "MISC",
"url": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2643"
},
{
"name" : "3305",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3305"
"name": "2232",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2232"
},
{
"name" : "http://forums.avenir-geopolitique.net/viewtopic.php?t=2643",
"refsource" : "MISC",
"url" : "http://forums.avenir-geopolitique.net/viewtopic.php?t=2643"
"name": "33692",
"refsource": "OSVDB",
"url": "http://osvdb.org/33692"
},
{
"name" : "20070215 [milw0rm] exploit 3305",
"refsource" : "VIM",
"url" : "http://attrition.org/pipermail/vim/2007-February/001341.html"
"name": "22509",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22509"
},
{
"name" : "22509",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22509"
"name": "20070210 nabopoll 1.1.2 sensitive file (admin without password)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459655/100/0/threaded"
},
{
"name" : "33692",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33692"
"name": "3305",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3305"
},
{
"name" : "2232",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2232"
"name": "20070215 [milw0rm] exploit 3305",
"refsource": "VIM",
"url": "http://attrition.org/pipermail/vim/2007-February/001341.html"
},
{
"name" : "nabopoll-adminscripts-unauthorized-access(32472)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32472"
"name": "nabopoll-adminscripts-unauthorized-access(32472)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32472"
}
]
}

92
2007/3xxx/CVE-2007-3237.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3237",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3237",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in admin/spaw/spaw_control.class.php in the TinyContent 1.5 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in admin/spaw/spaw_control.class.php in the TinyContent 1.5 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4063",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4063"
"name": "4063",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4063"
},
{
"name" : "http://www.xoops.org/modules/news/article.php?storyid=3799",
"refsource" : "CONFIRM",
"url" : "http://www.xoops.org/modules/news/article.php?storyid=3799"
"name": "35383",
"refsource": "OSVDB",
"url": "http://osvdb.org/35383"
},
{
"name" : "35383",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35383"
"name": "ADV-2007-2204",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2204"
},
{
"name" : "ADV-2007-2204",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2204"
"name": "25652",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25652"
},
{
"name" : "25652",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25652"
"name": "http://www.xoops.org/modules/news/article.php?storyid=3799",
"refsource": "CONFIRM",
"url": "http://www.xoops.org/modules/news/article.php?storyid=3799"
},
{
"name" : "xoops-tinycontent-spawcontrol-file-include(34839)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34839"
"name": "xoops-tinycontent-spawcontrol-file-include(34839)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34839"
}
]
}

104
2007/3xxx/CVE-2007-3505.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3505",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3505",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in QuickTalk forum 1.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) sequence in the lang parameter to (1) qtf_checkname.php, (2) qtf_j_birth.php, or (3) qtf_j_exists.php."
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in QuickTalk forum 1.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) sequence in the lang parameter to (1) qtf_checkname.php, (2) qtf_j_birth.php, or (3) qtf_j_exists.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4115",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4115"
"name": "36486",
"refsource": "OSVDB",
"url": "http://osvdb.org/36486"
},
{
"name" : "24671",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24671"
"name": "36487",
"refsource": "OSVDB",
"url": "http://osvdb.org/36487"
},
{
"name" : "ADV-2007-2373",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2373"
"name": "36485",
"refsource": "OSVDB",
"url": "http://osvdb.org/36485"
},
{
"name" : "36485",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36485"
"name": "25868",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25868"
},
{
"name" : "36486",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36486"
"name": "24671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24671"
},
{
"name" : "36487",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36487"
"name": "4115",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4115"
},
{
"name" : "25868",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25868"
"name": "ADV-2007-2373",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2373"
},
{
"name" : "quicktalkforum-lang-file-include(35117)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35117"
"name": "quicktalkforum-lang-file-include(35117)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35117"
}
]
}

80
2007/3xxx/CVE-2007-3580.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3580",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3580",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHPIDS does not properly handle certain code containing newlines, as demonstrated by a try/catch block within a loop, which allows user-assisted remote attackers to inject arbitrary web script."
"lang": "eng",
"value": "PHPIDS does not properly handle certain code containing newlines, as demonstrated by a try/catch block within a loop, which allows user-assisted remote attackers to inject arbitrary web script."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0",
"refsource" : "MISC",
"url" : "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0"
"name": "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0",
"refsource": "MISC",
"url": "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0"
},
{
"name" : "http://sla.ckers.org/forum/read.php?2,13209,13218",
"refsource" : "MISC",
"url" : "http://sla.ckers.org/forum/read.php?2,13209,13218"
"name": "http://sla.ckers.org/forum/read.php?2,13209,13218",
"refsource": "MISC",
"url": "http://sla.ckers.org/forum/read.php?2,13209,13218"
},
{
"name" : "45755",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/45755"
"name": "45755",
"refsource": "OSVDB",
"url": "http://osvdb.org/45755"
},
{
"name" : "phpids-newline-xss(35521)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35521"
"name": "phpids-newline-xss(35521)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35521"
}
]
}

104
2007/3xxx/CVE-2007-3673.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3673",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3673",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\\\symTDI\\, which results in memory overwrite."
"lang": "eng",
"value": "Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\\\symTDI\\, which results in memory overwrite."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070711 Symantec AntiVirus symtdi.sys Local Privilege Escalation Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=554"
"name": "26042",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26042"
},
{
"name" : "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html",
"refsource" : "CONFIRM",
"url" : "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html"
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html"
},
{
"name" : "22351",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22351"
"name": "symantec-multi-symtdi-privilege-escalation(35347)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35347"
},
{
"name" : "36117",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36117"
"name": "22351",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22351"
},
{
"name" : "ADV-2007-2507",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2507"
"name": "ADV-2007-2507",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2507"
},
{
"name" : "1018372",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1018372"
"name": "36117",
"refsource": "OSVDB",
"url": "http://osvdb.org/36117"
},
{
"name" : "26042",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26042"
"name": "1018372",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018372"
},
{
"name" : "symantec-multi-symtdi-privilege-escalation(35347)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35347"
"name": "20070711 Symantec AntiVirus symtdi.sys Local Privilege Escalation Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=554"
}
]
}

110
2007/4xxx/CVE-2007-4135.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4135",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-4135",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The NFSv4 ID mapper (nfsidmap) before 0.17 does not properly handle return values from the getpwnam_r function when performing a username lookup, which can cause it to report a file as being owned by \"root\" instead of \"nobody\" if the file exists on the server but not on the client."
"lang": "eng",
"value": "The NFSv4 ID mapper (nfsidmap) before 0.17 does not properly handle return values from the getpwnam_r function when performing a username lookup, which can cause it to report a file as being owned by \"root\" instead of \"nobody\" if the file exists on the server but not on the client."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MDKSA-2007:240",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:240"
"name": "27043",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27043"
},
{
"name" : "RHSA-2007:0951",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0951.html"
"name": "oval:org.mitre.oval:def:9864",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9864"
},
{
"name" : "SUSE-SR:2007:018",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
"name": "RHSA-2007:0951",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0951.html"
},
{
"name" : "26767",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26767"
"name": "SUSE-SR:2007:018",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
},
{
"name" : "45825",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/45825"
"name": "26767",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26767"
},
{
"name" : "oval:org.mitre.oval:def:9864",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9864"
"name": "MDKSA-2007:240",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:240"
},
{
"name" : "26674",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26674"
"name": "45825",
"refsource": "OSVDB",
"url": "http://osvdb.org/45825"
},
{
"name" : "27043",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27043"
"name": "26674",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26674"
},
{
"name" : "nfsv4-idmapper-uid-unspecified(36396)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36396"
"name": "nfsv4-idmapper-uid-unspecified(36396)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36396"
}
]
}

80
2007/4xxx/CVE-2007-4249.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4249",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4249",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The isChecked function in Toolbar.DLL in the ExportNation toolbar for Internet Explorer allows remote attackers to cause a denial of service (NULL dereference and browser crash) via unspecified vectors."
"lang": "eng",
"value": "The isChecked function in Toolbar.DLL in the ExportNation toolbar for Internet Explorer allows remote attackers to cause a denial of service (NULL dereference and browser crash) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070804 [ELEYTT] 4SIERPIEN2007",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/475534/100/0/threaded"
"name": "exportnation-ischecked-dos(35804)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35804"
},
{
"name" : "46985",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/46985"
"name": "20070804 [ELEYTT] 4SIERPIEN2007",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475534/100/0/threaded"
},
{
"name" : "3004",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3004"
"name": "46985",
"refsource": "OSVDB",
"url": "http://osvdb.org/46985"
},
{
"name" : "exportnation-ischecked-dos(35804)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35804"
"name": "3004",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3004"
}
]
}

116
2007/4xxx/CVE-2007-4667.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4667",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4667",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Services API in Firebird before 2.0.2 allows remote attackers to cause a denial of service, aka CORE-1149."
"lang": "eng",
"value": "Unspecified vulnerability in the Services API in Firebird before 2.0.2 allows remote attackers to cause a denial of service, aka CORE-1149."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://tracker.firebirdsql.org/browse/CORE-1149",
"refsource" : "MISC",
"url" : "http://tracker.firebirdsql.org/browse/CORE-1149"
"name": "firebird-serviceapi-dos(36356)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36356"
},
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=535898",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=535898"
"name": "25497",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25497"
},
{
"name" : "http://www.firebirdsql.org/index.php?op=files&id=engine_202",
"refsource" : "CONFIRM",
"url" : "http://www.firebirdsql.org/index.php?op=files&id=engine_202"
"name": "ADV-2007-3021",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3021"
},
{
"name" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf",
"refsource" : "CONFIRM",
"url" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf"
"name": "26615",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26615"
},
{
"name" : "DSA-1529",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1529"
"name": "http://tracker.firebirdsql.org/browse/CORE-1149",
"refsource": "MISC",
"url": "http://tracker.firebirdsql.org/browse/CORE-1149"
},
{
"name" : "25497",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25497"
"name": "http://www.firebirdsql.org/index.php?op=files&id=engine_202",
"refsource": "CONFIRM",
"url": "http://www.firebirdsql.org/index.php?op=files&id=engine_202"
},
{
"name" : "ADV-2007-3021",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3021"
"name": "29501",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29501"
},
{
"name" : "26615",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26615"
"name": "http://sourceforge.net/project/shownotes.php?release_id=535898",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=535898"
},
{
"name" : "29501",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29501"
"name": "DSA-1529",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1529"
},
{
"name" : "firebird-serviceapi-dos(36356)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36356"
"name": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf",
"refsource": "CONFIRM",
"url": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf"
}
]
}

86
2007/4xxx/CVE-2007-4980.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4980",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4980",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The readRequest method in org/gcaldaemon/core/http/HTTPListener.java in GCALDaemon 1.0-beta13 allows remote attackers to cause a denial of service via a large integer value in the Content-Length HTTP header, which triggers a fatal Java OutOfMemoryError."
"lang": "eng",
"value": "The readRequest method in org/gcaldaemon/core/http/HTTPListener.java in GCALDaemon 1.0-beta13 allows remote attackers to cause a denial of service via a large integer value in the Content-Length HTTP header, which triggers a fatal Java OutOfMemoryError."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070918 GCALDaemon Remote DoS",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/479816/100/0/threaded"
"name": "40922",
"refsource": "OSVDB",
"url": "http://osvdb.org/40922"
},
{
"name" : "25704",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25704"
"name": "20070918 GCALDaemon Remote DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/479816/100/0/threaded"
},
{
"name" : "40922",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/40922"
"name": "3154",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3154"
},
{
"name" : "3154",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3154"
"name": "gcaldaemon-httplistener-dos(36670)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36670"
},
{
"name" : "gcaldaemon-httplistener-dos(36670)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36670"
"name": "25704",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25704"
}
]
}

86
2007/6xxx/CVE-2007-6317.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6317",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6317",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in BarracudaDrive Web Server before 3.8 allow (1) remote attackers to read arbitrary files via certain ..\\ (dot dot backslash) sequences in the URL path, or (2) remote authenticated users to delete arbitrary files or create arbitrary directories via a ..\\ (dot dot backslash) sequence in the dir parameter to /drive/c/bdusers/USER/."
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in BarracudaDrive Web Server before 3.8 allow (1) remote attackers to read arbitrary files via certain ..\\ (dot dot backslash) sequences in the URL path, or (2) remote authenticated users to delete arbitrary files or create arbitrary directories via a ..\\ (dot dot backslash) sequence in the dir parameter to /drive/c/bdusers/USER/."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20071210 Multiple vulnerabilities in BarracudaDrive 3.7.2",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/484833/100/0/threaded"
"name": "20071210 Multiple vulnerabilities in BarracudaDrive 3.7.2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484833/100/0/threaded"
},
{
"name" : "http://aluigi.altervista.org/adv/barradrive-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/barradrive-adv.txt"
"name": "28032",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28032"
},
{
"name" : "26805",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26805"
"name": "http://aluigi.altervista.org/adv/barradrive-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/barradrive-adv.txt"
},
{
"name" : "28032",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28032"
"name": "3434",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3434"
},
{
"name" : "3434",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3434"
"name": "26805",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26805"
}
]
}

92
2007/6xxx/CVE-2007-6347.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6347",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6347",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in blocks/block_site_map.php in ViArt (1) CMS 3.3.2, (2) HelpDesk 3.3.2, (3) Shop Evaluation 3.3.2, and (4) Shop Free 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the root_folder_path parameter. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in blocks/block_site_map.php in ViArt (1) CMS 3.3.2, (2) HelpDesk 3.3.2, (3) Shop Evaluation 3.3.2, and (4) Shop Free 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the root_folder_path parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4722",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4722"
"name": "viart-blocksitemap-file-include(38993)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38993"
},
{
"name" : "26828",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26828"
"name": "26828",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26828"
},
{
"name" : "ADV-2007-4207",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/4207"
"name": "4722",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4722"
},
{
"name" : "42628",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/42628"
"name": "42628",
"refsource": "OSVDB",
"url": "http://osvdb.org/42628"
},
{
"name" : "28066",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28066"
"name": "ADV-2007-4207",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4207"
},
{
"name" : "viart-blocksitemap-file-include(38993)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38993"
"name": "28066",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28066"
}
]
}

22
2014/1xxx/CVE-2014-1953.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1953",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1953",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

104
2014/5xxx/CVE-2014-5308.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5308",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5308",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in TestLink 1.9.11 allow remote authenticated users to execute arbitrary SQL commands via the (1) name parameter in a Search action to lib/project/projectView.php or (2) id parameter to lib/events/eventinfo.php."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in TestLink 1.9.11 allow remote authenticated users to execute arbitrary SQL commands via the (1) name parameter in a Search action to lib/project/projectView.php or (2) id parameter to lib/events/eventinfo.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "34863",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/34863"
"name": "https://gitorious.org/testlink-ga/testlink-code/commit/7a099737b4c739bf083df016c0a99f66dd8ac0b3",
"refsource": "CONFIRM",
"url": "https://gitorious.org/testlink-ga/testlink-code/commit/7a099737b4c739bf083df016c0a99f66dd8ac0b3"
},
{
"name" : "20141001 CVE-2014-5308 - Multiple SQL Injection Vulnerabilities in TestLink",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Oct/11"
"name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5308",
"refsource": "MISC",
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5308"
},
{
"name" : "20141001 Re: CVE-2014-5308 - Multiple SQL Injection Vulnerabilities in TestLink",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Oct/13"
"name": "70207",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70207"
},
{
"name" : "http://packetstormsecurity.com/files/128521/TestLink-1.9.11-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/128521/TestLink-1.9.11-SQL-Injection.html"
"name": "20141001 Re: CVE-2014-5308 - Multiple SQL Injection Vulnerabilities in TestLink",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/13"
},
{
"name" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5308",
"refsource" : "MISC",
"url" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5308"
"name": "112524",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/112524"
},
{
"name" : "https://gitorious.org/testlink-ga/testlink-code/commit/7a099737b4c739bf083df016c0a99f66dd8ac0b3",
"refsource" : "CONFIRM",
"url" : "https://gitorious.org/testlink-ga/testlink-code/commit/7a099737b4c739bf083df016c0a99f66dd8ac0b3"
"name": "34863",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/34863"
},
{
"name" : "70207",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70207"
"name": "http://packetstormsecurity.com/files/128521/TestLink-1.9.11-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128521/TestLink-1.9.11-SQL-Injection.html"
},
{
"name" : "112524",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/show/osvdb/112524"
"name": "20141001 CVE-2014-5308 - Multiple SQL Injection Vulnerabilities in TestLink",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/11"
}
]
}

74
2014/5xxx/CVE-2014-5834.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5834",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5834",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Solitaire Deluxe (aka com.gosub60.solfree2) application 2.8.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Solitaire Deluxe (aka com.gosub60.solfree2) application 2.8.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#274849",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/274849"
},
{
"name" : "VU#274849",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/274849"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/5xxx/CVE-2014-5978.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5978",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5978",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The memetan (aka memetan.android.com.activity) application 1.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The memetan (aka memetan.android.com.activity) application 1.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#864273",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/864273"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#864273",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/864273"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

22
2015/2xxx/CVE-2015-2074.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2074",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2074",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

98
2015/2xxx/CVE-2015-2192.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2192",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2192",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet."
"lang": "eng",
"value": "Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-11.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-11.html"
"name": "openSUSE-SU-2015:0489",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11024",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11024"
"name": "http://www.wireshark.org/security/wnpa-sec-2015-11.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2015-11.html"
},
{
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c35ca6c051adb28c321db54cc138f18637977c9a",
"refsource" : "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c35ca6c051adb28c321db54cc138f18637977c9a"
"name": "1031858",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031858"
},
{
"name" : "GLSA-201510-03",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201510-03"
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c35ca6c051adb28c321db54cc138f18637977c9a",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c35ca6c051adb28c321db54cc138f18637977c9a"
},
{
"name" : "openSUSE-SU-2015:0489",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html"
"name": "GLSA-201510-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201510-03"
},
{
"name" : "72937",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72937"
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11024",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11024"
},
{
"name" : "1031858",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031858"
"name": "72937",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72937"
}
]
}

62
2015/2xxx/CVE-2015-2856.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2856",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-2856",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices before FTA_9_11_210 allows remote attackers to read arbitrary files via a .. (dot dot) in the statecode cookie."
"lang": "eng",
"value": "Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices before FTA_9_11_210 allows remote attackers to read arbitrary files via a .. (dot dot) in the statecode cookie."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.rapid7.com/db/modules/auxiliary/scanner/http/accellion_fta_statecode_file_read",
"refsource" : "MISC",
"url" : "https://www.rapid7.com/db/modules/auxiliary/scanner/http/accellion_fta_statecode_file_read"
"name": "https://www.rapid7.com/db/modules/auxiliary/scanner/http/accellion_fta_statecode_file_read",
"refsource": "MISC",
"url": "https://www.rapid7.com/db/modules/auxiliary/scanner/http/accellion_fta_statecode_file_read"
}
]
}

86
2015/6xxx/CVE-2015-6520.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6520",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6520",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IPPUSBXD before 1.22 listens on all interfaces, which allows remote attackers to obtain access to USB connected printers via a direct request."
"lang": "eng",
"value": "IPPUSBXD before 1.22 listens on all interfaces, which allows remote attackers to obtain access to USB connected printers via a direct request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150810 CVE Request: ippusbxd",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/08/11/1"
"name": "[oss-security] 20150818 Re: CVE Request: ippusbxd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/08/18/11"
},
{
"name" : "[oss-security] 20150818 Re: CVE Request: ippusbxd",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/08/18/11"
"name": "https://bugs.launchpad.net/ubuntu/+source/ippusbxd/+bug/1455644",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/ippusbxd/+bug/1455644"
},
{
"name" : "https://bugs.launchpad.net/ubuntu/+source/ippusbxd/+bug/1455644",
"refsource" : "CONFIRM",
"url" : "https://bugs.launchpad.net/ubuntu/+source/ippusbxd/+bug/1455644"
"name": "https://github.com/tillkamppeter/ippusbxd/commit/46844402bca7a38fc224483ba6f0a93c4613203f",
"refsource": "CONFIRM",
"url": "https://github.com/tillkamppeter/ippusbxd/commit/46844402bca7a38fc224483ba6f0a93c4613203f"
},
{
"name" : "https://github.com/tillkamppeter/ippusbxd/commit/46844402bca7a38fc224483ba6f0a93c4613203f",
"refsource" : "CONFIRM",
"url" : "https://github.com/tillkamppeter/ippusbxd/commit/46844402bca7a38fc224483ba6f0a93c4613203f"
"name": "USN-2725-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2725-1"
},
{
"name" : "USN-2725-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2725-1"
"name": "[oss-security] 20150810 CVE Request: ippusbxd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/08/11/1"
}
]
}

74
2015/6xxx/CVE-2015-6714.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6714",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-6714",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Function bind implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623."
"lang": "eng",
"value": "The Function bind implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-490",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-490"
"name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
"name": "1033796",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033796"
},
{
"name" : "1033796",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033796"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-490",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-490"
}
]
}

86
2015/6xxx/CVE-2015-6818.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6818",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6818",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted image with two or more of these chunks."
"lang": "eng",
"value": "The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted image with two or more of these chunks."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[debian-lts-announce] 20181220 [SECURITY] [DLA 1611-1] libav security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html"
"name": "USN-2944-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2944-1"
},
{
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=47f4e2d8960ca756ca153ab8e3e93d80449b8c91",
"refsource" : "CONFIRM",
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=47f4e2d8960ca756ca153ab8e3e93d80449b8c91"
"name": "[debian-lts-announce] 20181220 [SECURITY] [DLA 1611-1] libav security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html"
},
{
"name" : "http://ffmpeg.org/security.html",
"refsource" : "CONFIRM",
"url" : "http://ffmpeg.org/security.html"
"name": "1033483",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033483"
},
{
"name" : "USN-2944-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2944-1"
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=47f4e2d8960ca756ca153ab8e3e93d80449b8c91",
"refsource": "CONFIRM",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=47f4e2d8960ca756ca153ab8e3e93d80449b8c91"
},
{
"name" : "1033483",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033483"
"name": "http://ffmpeg.org/security.html",
"refsource": "CONFIRM",
"url": "http://ffmpeg.org/security.html"
}
]
}

68
2015/7xxx/CVE-2015-7485.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7485",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-7485",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108626."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108626."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983720",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983720"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720"
},
{
"name" : "ibm-relm-cve20157485-xss(108626)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/108626"
"name": "ibm-relm-cve20157485-xss(108626)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108626"
}
]
}

86
2016/0xxx/CVE-2016-0102.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0102",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-0102",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, CVE-2016-0109, and CVE-2016-0114."
"lang": "eng",
"value": "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, CVE-2016-0109, and CVE-2016-0114."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS16-023",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023"
"name": "1035204",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035204"
},
{
"name" : "MS16-024",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-024"
"name": "84018",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84018"
},
{
"name" : "84018",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84018"
"name": "MS16-024",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-024"
},
{
"name" : "1035203",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035203"
"name": "1035203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035203"
},
{
"name" : "1035204",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035204"
"name": "MS16-023",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023"
}
]
}

68
2016/0xxx/CVE-2016-0318.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-0318",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0318",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 does not destroy a Session ID upon a logout action, which allows remote attackers to obtain access by leveraging an unattended workstation."
"lang": "eng",
"value": "Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 does not destroy a Session ID upon a logout action, which allows remote attackers to obtain access by leveraging an unattended workstation."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983137",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983137"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21983137",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983137"
},
{
"name" : "92466",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92466"
"name": "92466",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92466"
}
]
}

68
2016/0xxx/CVE-2016-0832.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0832",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-0832",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Setup Wizard in Android 5.1.x before LMY49H and 6.x before 2016-03-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25955042."
"lang": "eng",
"value": "Setup Wizard in Android 5.1.x before LMY49H and 6.x before 2016-03-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25955042."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://source.android.com/security/bulletin/2016-03-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-03-01.html"
"name": "http://source.android.com/security/bulletin/2016-03-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-03-01.html"
},
{
"name" : "84264",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84264"
"name": "84264",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84264"
}
]
}

22
2016/1000xxx/CVE-2016-1000233.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1000233",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1000233",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2016/10xxx/CVE-2016-10261.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10261",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10261",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

86
2016/4xxx/CVE-2016-4691.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2016-4691",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-4691",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"FontParser\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font."
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"FontParser\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT207422",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207422"
"name": "https://support.apple.com/HT207487",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207487"
},
{
"name" : "https://support.apple.com/HT207423",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207423"
"name": "https://support.apple.com/HT207422",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207422"
},
{
"name" : "https://support.apple.com/HT207487",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207487"
"name": "94905",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94905"
},
{
"name" : "94905",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94905"
"name": "1037469",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037469"
},
{
"name" : "1037469",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037469"
"name": "https://support.apple.com/HT207423",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207423"
}
]
}

166
2016/4xxx/CVE-2016-4838.json
View File

@ -1,183 +1,183 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2016-4838",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4838",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Money Forward",
"version" : {
"version_data" : [
"product_name": "Money Forward",
"version": {
"version_data": [
{
"version_value" : "prior to v7.18.0"
"version_value": "prior to v7.18.0"
}
]
}
},
{
"product_name" : "Money Forward for The Gunma Bank",
"version" : {
"version_data" : [
"product_name": "Money Forward for The Gunma Bank",
"version": {
"version_data": [
{
"version_value" : "prior to v1.2.0"
"version_value": "prior to v1.2.0"
}
]
}
},
{
"product_name" : "Money Forward for SHIGA BANK",
"version" : {
"version_data" : [
"product_name": "Money Forward for SHIGA BANK",
"version": {
"version_data": [
{
"version_value" : "prior to v1.2.0"
"version_value": "prior to v1.2.0"
}
]
}
},
{
"product_name" : "Money Forward for SHIZUOKA BANK",
"version" : {
"version_data" : [
"product_name": "Money Forward for SHIZUOKA BANK",
"version": {
"version_data": [
{
"version_value" : "prior to v1.4.0"
"version_value": "prior to v1.4.0"
}
]
}
},
{
"product_name" : "Money Forward for SBI Sumishin Net Bank",
"version" : {
"version_data" : [
"product_name": "Money Forward for SBI Sumishin Net Bank",
"version": {
"version_data": [
{
"version_value" : "prior to v1.6.0"
"version_value": "prior to v1.6.0"
}
]
}
},
{
"product_name" : "Money Forward for Tokai Tokyo Securities",
"version" : {
"version_data" : [
"product_name": "Money Forward for Tokai Tokyo Securities",
"version": {
"version_data": [
{
"version_value" : "prior to v1.4.0"
"version_value": "prior to v1.4.0"
}
]
}
},
{
"product_name" : "Money Forward for THE TOHO BANK",
"version" : {
"version_data" : [
"product_name": "Money Forward for THE TOHO BANK",
"version": {
"version_data": [
{
"version_value" : "prior to v1.3.0"
"version_value": "prior to v1.3.0"
}
]
}
},
{
"product_name" : "Money Forward for YMFG",
"version" : {
"version_data" : [
"product_name": "Money Forward for YMFG",
"version": {
"version_data": [
{
"version_value" : "prior to v1.5.0"
"version_value": "prior to v1.5.0"
}
]
}
}
]
},
"vendor_name" : "Money Foward, Inc."
"vendor_name": "Money Foward, Inc."
},
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Money Forward for AppPass",
"version" : {
"version_data" : [
"product_name": "Money Forward for AppPass",
"version": {
"version_data": [
{
"version_value" : "prior to v7.18.3"
"version_value": "prior to v7.18.3"
}
]
}
},
{
"product_name" : "Money Forward for au SMARTPASS",
"version" : {
"version_data" : [
"product_name": "Money Forward for au SMARTPASS",
"version": {
"version_data": [
{
"version_value" : "prior to v7.18.0"
"version_value": "prior to v7.18.0"
}
]
}
},
{
"product_name" : "Money Forward for Chou Houdai",
"version" : {
"version_data" : [
"product_name": "Money Forward for Chou Houdai",
"version": {
"version_data": [
{
"version_value" : "prior to v7.18.3"
"version_value": "prior to v7.18.3"
}
]
}
}
]
},
"vendor_name" : "SOURCENEXT CORPORATION"
"vendor_name": "SOURCENEXT CORPORATION"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0), Money Forward for SBI Sumishin Net Bank (prior to v1.6.0), Money Forward for Tokai Tokyo Securities (prior to v1.4.0), Money Forward for THE TOHO BANK (prior to v1.3.0), Money Forward for YMFG (prior to v1.5.0) provided by Money Forward, Inc. and Money Forward for AppPass (prior to v7.18.3), Money Forward for au SMARTPASS (prior to v7.18.0), Money Forward for Chou Houdai (prior to v7.18.3) provided by SOURCENEXT CORPORATION allows an attacker to execute unintended operations via a specially crafted application."
"lang": "eng",
"value": "The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0), Money Forward for SBI Sumishin Net Bank (prior to v1.6.0), Money Forward for Tokai Tokyo Securities (prior to v1.4.0), Money Forward for THE TOHO BANK (prior to v1.3.0), Money Forward for YMFG (prior to v1.5.0) provided by Money Forward, Inc. and Money Forward for AppPass (prior to v7.18.3), Money Forward for au SMARTPASS (prior to v7.18.0), Money Forward for Chou Houdai (prior to v7.18.3) provided by SOURCENEXT CORPORATION allows an attacker to execute unintended operations via a specially crafted application."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Unintended operation execution"
"lang": "eng",
"value": "Unintended operation execution"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.sourcenext.com/support/i/160725_1",
"refsource" : "MISC",
"url" : "http://www.sourcenext.com/support/i/160725_1"
"name": "http://www.sourcenext.com/support/i/160725_1",
"refsource": "MISC",
"url": "http://www.sourcenext.com/support/i/160725_1"
},
{
"name" : "http://corp.moneyforward.com/info/20160920-mf-android/",
"refsource" : "CONFIRM",
"url" : "http://corp.moneyforward.com/info/20160920-mf-android/"
"name": "JVN#49343562",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN49343562/index.html"
},
{
"name" : "JVN#49343562",
"refsource" : "JVN",
"url" : "https://jvn.jp/en/jp/JVN49343562/index.html"
"name": "http://corp.moneyforward.com/info/20160920-mf-android/",
"refsource": "CONFIRM",
"url": "http://corp.moneyforward.com/info/20160920-mf-android/"
},
{
"name" : "93034",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93034"
"name": "93034",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93034"
}
]
}

22
2016/4xxx/CVE-2016-4937.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4937",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-4937",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

80
2016/9xxx/CVE-2016-9414.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9414",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9414",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directory listing protection in upload directories."
"lang": "eng",
"value": "MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directory listing protection in upload directories."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/11/10/8"
"name": "94395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94395"
},
{
"name" : "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/11/18/1"
"name": "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/18/1"
},
{
"name" : "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/",
"refsource" : "CONFIRM",
"url" : "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/"
"name": "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/10/8"
},
{
"name" : "94395",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94395"
"name": "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/",
"refsource": "CONFIRM",
"url": "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/"
}
]
}

104
2016/9xxx/CVE-2016-9812.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9812",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9812",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section."
"lang": "eng",
"value": "The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20161201 gstreamer multiple issues",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/12/01/2"
"name": "DSA-3818",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3818"
},
{
"name" : "[oss-security] 20161204 Re: gstreamer multiple issues",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/12/05/8"
"name": "RHSA-2017:0021",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0021.html"
},
{
"name" : "https://bugzilla.gnome.org/show_bug.cgi?id=775048",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.gnome.org/show_bug.cgi?id=775048"
"name": "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2",
"refsource": "CONFIRM",
"url": "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2"
},
{
"name" : "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2",
"refsource" : "CONFIRM",
"url" : "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2"
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=775048",
"refsource": "CONFIRM",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=775048"
},
{
"name" : "DSA-3818",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3818"
"name": "95160",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95160"
},
{
"name" : "GLSA-201705-10",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201705-10"
"name": "[oss-security] 20161204 Re: gstreamer multiple issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/05/8"
},
{
"name" : "RHSA-2017:0021",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0021.html"
"name": "GLSA-201705-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201705-10"
},
{
"name" : "95160",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95160"
"name": "[oss-security] 20161201 gstreamer multiple issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/01/2"
}
]
}

72
2019/1003xxx/CVE-2019-1003003.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "kurt@seifried.org",
"DATE_ASSIGNED" : "2019-01-21T19:07:26.674486",
"ID" : "CVE-2019-1003003",
"REQUESTER" : "ml@beckweb.net",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"DATE_ASSIGNED": "2019-01-21T19:07:26.674486",
"ID": "CVE-2019-1003003",
"REQUESTER": "ml@beckweb.net",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Jenkins",
"version" : {
"version_data" : [
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_value" : "2.158 and earlier, LTS 2.150.1 and earlier"
"version_value": "2.158 and earlier, LTS 2.150.1 and earlier"
}
]
}
}
]
},
"vendor_name" : "Jenkins project"
"vendor_name": "Jenkins project"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies that would never expire, allowing e.g. to persist access to temporarily compromised user accounts."
"lang": "eng",
"value": "An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies that would never expire, allowing e.g. to persist access to temporarily compromised user accounts."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-613"
"lang": "eng",
"value": "CWE-613"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://jenkins.io/security/advisory/2019-01-16/#SECURITY-868",
"refsource" : "CONFIRM",
"url" : "https://jenkins.io/security/advisory/2019-01-16/#SECURITY-868"
"name": "https://jenkins.io/security/advisory/2019-01-16/#SECURITY-868",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-01-16/#SECURITY-868"
},
{
"name" : "106680",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106680"
"name": "106680",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106680"
}
]
}

22
2019/2xxx/CVE-2019-2088.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2088",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2088",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

82
2019/2xxx/CVE-2019-2547.json
View File

@ -1,79 +1,79 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2019-2547",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2019-2547",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Oracle Database",
"version" : {
"version_data" : [
"product_name": "Oracle Database",
"version": {
"version_data": [
{
"version_affected" : "=",
"version_value" : "11.2.0.4"
"version_affected": "=",
"version_value": "11.2.0.4"
},
{
"version_affected" : "=",
"version_value" : "12.1.0.2"
"version_affected": "=",
"version_value": "12.1.0.2"
},
{
"version_affected" : "=",
"version_value" : "12.2.0.1"
"version_affected": "=",
"version_value": "12.2.0.1"
},
{
"version_affected" : "=",
"version_value" : "18c"
"version_affected": "=",
"version_value": "18c"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java VM. CVSS 3.0 Base Score 3.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L)."
"lang": "eng",
"value": "Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java VM. CVSS 3.0 Base Score 3.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java VM."
"lang": "eng",
"value": "Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java VM."
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
"name": "106594",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106594"
},
{
"name" : "106594",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106594"
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
}
]
}

22
2019/2xxx/CVE-2019-2886.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2886",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2886",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3090.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3090",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3090",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3305.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3305",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3305",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3972.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3972",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3972",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/6xxx/CVE-2019-6019.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6019",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6019",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/6xxx/CVE-2019-6237.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6237",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6237",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/6xxx/CVE-2019-6341.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6341",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6341",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/6xxx/CVE-2019-6389.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6389",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6389",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/6xxx/CVE-2019-6572.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6572",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6572",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7118.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7118",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7118",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7269.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7269",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7269",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7997.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7997",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7997",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8016.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8016",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8016",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

64
2019/8xxx/CVE-2019-8280.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "vulnerability@kaspersky.com",
"DATE_PUBLIC" : "2019-03-01T00:00:00",
"ID" : "CVE-2019-8280",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8280",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "UltraVNC",
"version" : {
"version_data" : [
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value" : "1.2.2.3"
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name" : "Kaspersky Lab"
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204."
"lang": "eng",
"value": "UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-788: Access of Memory Location After End of Buffer"
"lang": "eng",
"value": "CWE-788: Access of Memory Location After End of Buffer"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/",
"refsource" : "MISC",
"url" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/"
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/"
}
]
}

22
2019/8xxx/CVE-2019-8675.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8675",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8675",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8724.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8724",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8724",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/9xxx/CVE-2019-9247.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9247",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9247",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/9xxx/CVE-2019-9824.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9824",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9824",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/9xxx/CVE-2019-9838.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9838",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9838",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}