admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 07:01:35 +00:00
parent f2174007a7
commit e2f2d9b40e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
62 changed files with 4180 additions and 4180 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

208
1999/0xxx/CVE-1999-0661.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0661", "ID": "CVE-1999-0661",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "CA-1994-07", "description_data": [
"refsource" : "CERT", {
"url" : "http://www.cert.org/advisories/CA-1994-07.html" "lang": "eng",
}, "value": "A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6."
{ }
"name" : "CA-1994-14", ]
"refsource" : "CERT", },
"url" : "http://www.cert.org/advisories/CA-1994-14.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "CA-1999-01", "description": [
"refsource" : "CERT", {
"url" : "http://www.cert.org/advisories/CA-1999-01.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "CA-1999-02", ]
"refsource" : "CERT", }
"url" : "http://www.cert.org/advisories/CA-1999-02.html" ]
}, },
{ "references": {
"name" : "CA-2002-28", "reference_data": [
"refsource" : "CERT", {
"url" : "http://www.cert.org/advisories/CA-2002-28.html" "name": "20021009 Re: CERT Advisory CA-2002-28 Trojan Horse Sendmail",
}, "refsource": "BUGTRAQ",
{ "url": "http://online.securityfocus.com/archive/1/294539"
"name" : "20020801 trojan horse in recent openssh (version 3.4 portable 1)", },
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=102820843403741&w=2" "name": "sendmail-backdoor(10313)",
}, "refsource": "XF",
{ "url": "http://www.iss.net/security_center/static/10313.php"
"name" : "20020801 OpenSSH Security Advisory: Trojaned Distribution Files", },
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=102821663814127&w=2" "name": "5921",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/5921"
"name" : "20021009 Re: CERT Advisory CA-2002-28 Trojan Horse Sendmail", },
"refsource" : "BUGTRAQ", {
"url" : "http://online.securityfocus.com/archive/1/294539" "name": "CA-1999-02",
}, "refsource": "CERT",
{ "url": "http://www.cert.org/advisories/CA-1999-02.html"
"name" : "5921", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/5921" "name": "20020801 OpenSSH Security Advisory: Trojaned Distribution Files",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=102821663814127&w=2"
"name" : "sendmail-backdoor(10313)", },
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/10313.php" "name": "CA-1994-14",
} "refsource": "CERT",
] "url": "http://www.cert.org/advisories/CA-1994-14.html"
} },
{
"name": "20020801 trojan horse in recent openssh (version 3.4 portable 1)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=102820843403741&w=2"
},
{
"name": "CA-1999-01",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-1999-01.html"
},
{
"name": "CA-1994-07",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-1994-07.html"
},
{
"name": "CA-2002-28",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2002-28.html"
}
]
}
} }

118
1999/0xxx/CVE-1999-0779.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0779", "ID": "CVE-1999-0779",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Denial of service in HP-UX SharedX recserv program."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBUX9810-086", "description_data": [
"refsource" : "HP", {
"url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9810-086" "lang": "eng",
} "value": "Denial of service in HP-UX SharedX recserv program."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBUX9810-086",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9810-086"
}
]
}
} }

128
1999/0xxx/CVE-1999-0927.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0927", "ID": "CVE-1999-0927",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "NTMail allows remote attackers to read arbitrary files via a .. (dot dot) attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "AD05261999", "description_data": [
"refsource" : "EEYE", {
"url" : "http://www.eeye.com/html/Research/Advisories/AD05261999.html" "lang": "eng",
}, "value": "NTMail allows remote attackers to read arbitrary files via a .. (dot dot) attack."
{ }
"name" : "279", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/279" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "AD05261999",
"refsource": "EEYE",
"url": "http://www.eeye.com/html/Research/Advisories/AD05261999.html"
},
{
"name": "279",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/279"
}
]
}
} }

128
1999/1xxx/CVE-1999-1312.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1312", "ID": "CVE-1999-1312",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in DEC OpenVMS VAX 5.5-2 through 5.0, and OpenVMS AXP 1.0, allows local users to gain system privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "CA-1993-05", "description_data": [
"refsource" : "CERT", {
"url" : "http://www.cert.org/advisories/CA-1993-05.html" "lang": "eng",
}, "value": "Vulnerability in DEC OpenVMS VAX 5.5-2 through 5.0, and OpenVMS AXP 1.0, allows local users to gain system privileges."
{ }
"name" : "openvms-local-privilege-elevation(7142)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7142" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CA-1993-05",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-1993-05.html"
},
{
"name": "openvms-local-privilege-elevation(7142)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7142"
}
]
}
} }

148
1999/1xxx/CVE-1999-1521.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1521", "ID": "CVE-1999-1521",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to a buffer overflow attack in the MAIL FROM command that may allow a remote attacker to execute arbitrary code on the server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19990912 Many kind of POP3/SMTP server softwares for Windows have buffer overflow bug", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=93720402717560&w=2" "lang": "eng",
}, "value": "Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to a buffer overflow attack in the MAIL FROM command that may allow a remote attacker to execute arbitrary code on the server."
{ }
"name" : "19990729 Vulnerability in CMail SMTP Server Version 2.4: Remotely exploitable buffer", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=94121824921783&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "633", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/633" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "cmail-command-bo(2240)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/2240" ]
} },
] "references": {
} "reference_data": [
{
"name": "cmail-command-bo(2240)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2240"
},
{
"name": "19990912 Many kind of POP3/SMTP server softwares for Windows have buffer overflow bug",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=93720402717560&w=2"
},
{
"name": "19990729 Vulnerability in CMail SMTP Server Version 2.4: Remotely exploitable buffer",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=94121824921783&w=2"
},
{
"name": "633",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/633"
}
]
}
} }

138
2000/1xxx/CVE-2000-1066.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-1066", "ID": "CVE-2000-1066",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows a remote attacker to cause a denial of service via a long DNS hostname."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "FreeBSD-SA-00:63", "description_data": [
"refsource" : "FREEBSD", {
"url" : "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:63.getnameinfo.asc" "lang": "eng",
}, "value": "The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows a remote attacker to cause a denial of service via a long DNS hostname."
{ }
"name" : "1894", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1894" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "getnameinfo-dos(5454)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5454" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "getnameinfo-dos(5454)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5454"
},
{
"name": "1894",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1894"
},
{
"name": "FreeBSD-SA-00:63",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:63.getnameinfo.asc"
}
]
}
} }

138
2005/2xxx/CVE-2005-2059.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2059", "ID": "CVE-2005-2059",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to modify settings as another user via a link or IMG tag."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050624 Infopop UBB Threads Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111963737202040&w=2" "lang": "eng",
}, "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to modify settings as another user via a link or IMG tag."
{ }
"name" : "http://www.gulftech.org/?node=research&article_id=00084-06232005", ]
"refsource" : "MISC", },
"url" : "http://www.gulftech.org/?node=research&article_id=00084-06232005" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351", "description": [
"refsource" : "MISC", {
"url" : "http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351",
"refsource": "MISC",
"url": "http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351"
},
{
"name": "http://www.gulftech.org/?node=research&article_id=00084-06232005",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research&article_id=00084-06232005"
},
{
"name": "20050624 Infopop UBB Threads Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111963737202040&w=2"
}
]
}
} }

158
2005/2xxx/CVE-2005-2434.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2434", "ID": "CVE-2005-2434",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Linksys WRT54G router uses the same private key and certificate for every router, which allows remote attackers to sniff the SSL connection and obtain sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050728 Vulnerability in Linksys Router access", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112258422806340&w=2" "lang": "eng",
}, "value": "Linksys WRT54G router uses the same private key and certificate for every router, which allows remote attackers to sniff the SSL connection and obtain sensitive information."
{ }
"name" : "14407", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/14407" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1014596", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1014596" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "16271", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/16271" ]
}, },
{ "references": {
"name" : "linksys-wrt54g-session-decrypt(21635)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21635" "name": "14407",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/14407"
} },
{
"name": "20050728 Vulnerability in Linksys Router access",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112258422806340&w=2"
},
{
"name": "1014596",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014596"
},
{
"name": "linksys-wrt54g-session-decrypt(21635)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21635"
},
{
"name": "16271",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16271"
}
]
}
} }

208
2005/2xxx/CVE-2005-2756.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2756", "ID": "CVE-2005-2756",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051104 Advisory: Apple QuickTime PICT Remote Memory Overwrite", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/415714/30/0/threaded" "lang": "eng",
}, "value": "Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion."
{ }
"name" : "http://pb.specialised.info/all/adv/quicktime-pict-adv.txt", ]
"refsource" : "MISC", },
"url" : "http://pb.specialised.info/all/adv/quicktime-pict-adv.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://docs.info.apple.com/article.html?artnum=302772", "description": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=302772" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "VU#855118", ]
"refsource" : "CERT-VN", }
"url" : "http://www.kb.cert.org/vuls/id/855118" ]
}, },
{ "references": {
"name" : "15309", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15309" "name": "VU#855118",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/855118"
"name" : "ADV-2005-2293", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2293" "name": "20478",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/20478"
"name" : "20478", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/20478" "name": "1015152",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015152"
"name" : "1015152", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015152" "name": "http://docs.info.apple.com/article.html?artnum=302772",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=302772"
"name" : "17428", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17428" "name": "17428",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17428"
"name" : "144", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/144" "name": "144",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/144"
} },
{
"name": "http://pb.specialised.info/all/adv/quicktime-pict-adv.txt",
"refsource": "MISC",
"url": "http://pb.specialised.info/all/adv/quicktime-pict-adv.txt"
},
{
"name": "20051104 Advisory: Apple QuickTime PICT Remote Memory Overwrite",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/415714/30/0/threaded"
},
{
"name": "ADV-2005-2293",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2293"
},
{
"name": "15309",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15309"
}
]
}
} }

188
2005/2xxx/CVE-2005-2820.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2820", "ID": "CVE-2005-2820",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer \"Conditional Comments\" such as \"[if]\" and \"[endif]\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050906 Secunia Research: SqWebMail Conditional Comments Script Insertion", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112607033030475&w=2" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer \"Conditional Comments\" such as \"[if]\" and \"[endif]\"."
{ }
"name" : "http://secunia.com/secunia_research/2005-44/advisory/", ]
"refsource" : "MISC", },
"url" : "http://secunia.com/secunia_research/2005-44/advisory/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.securiteam.com/unixfocus/5RP0220GUS.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.securiteam.com/unixfocus/5RP0220GUS.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-820", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2005/dsa-820" ]
}, },
{ "references": {
"name" : "USN-201-1", "reference_data": [
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-201-1" "name": "16704",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/16704/"
"name" : "16704", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16704/" "name": "sqwebmail-html-comment-xss(22158)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22158"
"name" : "17156", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17156" "name": "20050906 Secunia Research: SqWebMail Conditional Comments Script Insertion",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=112607033030475&w=2"
"name" : "sqwebmail-html-comment-xss(22158)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22158" "name": "17156",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/17156"
} },
{
"name": "USN-201-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-201-1"
},
{
"name": "http://secunia.com/secunia_research/2005-44/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2005-44/advisory/"
},
{
"name": "DSA-820",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-820"
},
{
"name": "http://www.securiteam.com/unixfocus/5RP0220GUS.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/unixfocus/5RP0220GUS.html"
}
]
}
} }

168
2005/2xxx/CVE-2005-2952.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2952", "ID": "CVE-2005-2952",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in s.pl in Subscribe Me Pro 2.044.09P and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050913 Subscribe Me Pro 2.044.09P and prior Directory Traversal", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112662785418368&w=2" "lang": "eng",
}, "value": "Directory traversal vulnerability in s.pl in Subscribe Me Pro 2.044.09P and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter."
{ }
"name" : "http://www.h4cky0u.org/advisories/HYA-2005-007-subscribe-me-pro.txt", ]
"refsource" : "MISC", },
"url" : "http://www.h4cky0u.org/advisories/HYA-2005-007-subscribe-me-pro.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "14817", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14817" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "16796", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/16796/" ]
}, },
{ "references": {
"name" : "4", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/4" "name": "14817",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/14817"
"name" : "subscribemepro-unknown-directory-traversal(22249)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22249" "name": "4",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/4"
} },
{
"name": "http://www.h4cky0u.org/advisories/HYA-2005-007-subscribe-me-pro.txt",
"refsource": "MISC",
"url": "http://www.h4cky0u.org/advisories/HYA-2005-007-subscribe-me-pro.txt"
},
{
"name": "16796",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16796/"
},
{
"name": "subscribemepro-unknown-directory-traversal(22249)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22249"
},
{
"name": "20050913 Subscribe Me Pro 2.044.09P and prior Directory Traversal",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112662785418368&w=2"
}
]
}
} }

198
2007/5xxx/CVE-2007-5184.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5184", "ID": "CVE-2007-5184",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in the SMBDirList function in dirlist.c in SmbFTPD 0.96 allows remote attackers to execute arbitrary code via format string specifiers in a directory name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071001 smbftpd 0.96 format string vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/481220/100/0/threaded" "lang": "eng",
}, "value": "Format string vulnerability in the SMBDirList function in dirlist.c in SmbFTPD 0.96 allows remote attackers to execute arbitrary code via format string specifiers in a directory name."
{ }
"name" : "4478", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/4478" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://debork.se/poc/001_smbftpd.c", "description": [
"refsource" : "MISC", {
"url" : "http://debork.se/poc/001_smbftpd.c" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://sourceforge.net/project/shownotes.php?release_id=543077", ]
"refsource" : "CONFIRM", }
"url" : "http://sourceforge.net/project/shownotes.php?release_id=543077" ]
}, },
{ "references": {
"name" : "25871", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25871" "name": "25871",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25871"
"name" : "ADV-2007-3311", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3311" "name": "27014",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27014"
"name" : "41385", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41385" "name": "ADV-2007-3311",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3311"
"name" : "27014", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27014" "name": "4478",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/4478"
"name" : "smbftpd-smbdirlist-format-string(36893)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36893" "name": "41385",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/41385"
} },
{
"name": "http://debork.se/poc/001_smbftpd.c",
"refsource": "MISC",
"url": "http://debork.se/poc/001_smbftpd.c"
},
{
"name": "smbftpd-smbdirlist-format-string(36893)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36893"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=543077",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=543077"
},
{
"name": "20071001 smbftpd 0.96 format string vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481220/100/0/threaded"
}
]
}
} }

32
2007/5xxx/CVE-2007-5202.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5202", "ID": "CVE-2007-5202",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

818
2007/5xxx/CVE-2007-5269.json
View File

@ -1,412 +1,412 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5269", "ID": "CVE-2007-5269",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt (png_push_read_tEXt), (4) iTXt (png_handle_iTXt), and (5) ztXT (png_handle_ztXt) chunking in PNG images, which trigger out-of-bounds read operations."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071112 FLEA-2007-0065-1 libpng", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/483582/100/0/threaded" "lang": "eng",
}, "value": "Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt (png_push_read_tEXt), (4) iTXt (png_handle_iTXt), and (5) ztXT (png_handle_ztXt) chunking in PNG images, which trigger out-of-bounds read operations."
{ }
"name" : "20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/489135/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/489739/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", ]
"refsource" : "BUGTRAQ", }
"url" : "http://www.securityfocus.com/archive/1/495869/100/0/threaded" ]
}, },
{ "references": {
"name" : "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "reference_data": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" "name": "27965",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27965"
"name" : "[png-mng-implement] 20071004 Libpng-1.2.21 and libpng-1.0.29 released", },
"refsource" : "MLIST", {
"url" : "http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082318.012a7628%40mail.comcast.net&forum_name=png-mng-implement" "name": "https://issues.rpath.com/browse/RPL-1814",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1814"
"name" : "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", },
"refsource" : "MLIST", {
"url" : "http://lists.vmware.com/pipermail/security-announce/2008/000008.html" "name": "MDKSA-2007:217",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:217"
"name" : "http://www.coresecurity.com/?action=item&id=2148", },
"refsource" : "MISC", {
"url" : "http://www.coresecurity.com/?action=item&id=2148" "name": "35386",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35386"
"name" : "https://issues.rpath.com/browse/RPL-1814", },
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1814" "name": "FEDORA-2007-2666",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00356.html"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=327791", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=327791" "name": "GLSA-201209-25",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=337461", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=337461" "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-460.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-460.htm"
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=195261", },
"refsource" : "CONFIRM", {
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=195261" "name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-460.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-460.htm" "name": "FEDORA-2007-2521",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00353.html"
"name" : "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html", },
"refsource" : "CONFIRM", {
"url" : "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html" "name": "27093",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27093"
"name" : "http://docs.info.apple.com/article.html?artnum=307562", },
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=307562" "name": "1020521",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1"
"name" : "http://www.vmware.com/security/advisories/VMSA-2008-0005.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2008-0005.html" "name": "ADV-2009-1560",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/1560"
"name" : "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html" "name": "34388",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34388"
"name" : "http://www.vmware.com/support/player/doc/releasenotes_player.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/player/doc/releasenotes_player.html" "name": "ADV-2009-1462",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/1462"
"name" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" "name": "27662",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27662"
"name" : "http://www.vmware.com/support/server/doc/releasenotes_server.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/server/doc/releasenotes_server.html" "name": "31712",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31712"
"name" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" "name": "http://bugs.gentoo.org/show_bug.cgi?id=195261",
}, "refsource": "CONFIRM",
{ "url": "http://bugs.gentoo.org/show_bug.cgi?id=195261"
"name" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" "name": "FEDORA-2007-734",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00072.html"
"name" : "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" "name": "27529",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27529"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm" "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
"name" : "APPLE-SA-2008-03-18", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" "name": "27405",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27405"
"name" : "APPLE-SA-2008-05-28", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html" "name": "27746",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27746"
"name" : "DSA-1750", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2009/dsa-1750" "name": "RHSA-2007:0992",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0992.html"
"name" : "FEDORA-2007-2521", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00353.html" "name": "ADV-2007-3390",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3390"
"name" : "FEDORA-2007-2666", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00356.html" "name": "http://www.coresecurity.com/?action=item&id=2148",
}, "refsource": "MISC",
{ "url": "http://www.coresecurity.com/?action=item&id=2148"
"name" : "FEDORA-2007-734", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00072.html" "name": "259989",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1"
"name" : "GLSA-200711-08", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml" "name": "35302",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35302"
"name" : "GLSA-200805-07", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml" "name": "31713",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31713"
"name" : "GLSA-201209-25", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201209-25.xml" "name": "[png-mng-implement] 20071004 Libpng-1.2.21 and libpng-1.0.29 released",
}, "refsource": "MLIST",
{ "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082318.012a7628%40mail.comcast.net&forum_name=png-mng-implement"
"name" : "MDKSA-2007:217", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:217" "name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
"name" : "RHSA-2007:0992", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0992.html" "name": "ADV-2008-0924",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0924/references"
"name" : "SSA:2007-325-01", },
"refsource" : "SLACKWARE", {
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323" "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
"name" : "259989", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1" "name": "TA08-150A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
"name" : "1020521", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1" "name": "27391",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27391"
"name" : "SUSE-SR:2007:025", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_25_sr.html" "name": "25956",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25956"
"name" : "USN-538-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-538-1" "name": "SUSE-SR:2007:025",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
"name" : "TA08-150A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-150A.html" "name": "27369",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27369"
"name" : "25956", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25956" "name": "1018849",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1018849"
"name" : "28276", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/28276" "name": "oval:org.mitre.oval:def:10614",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10614"
"name" : "oval:org.mitre.oval:def:10614", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10614" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=327791",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=327791"
"name" : "34388", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34388" "name": "27492",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27492"
"name" : "35302", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35302" "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
"name" : "35386", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35386" "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
"name" : "ADV-2007-3390", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3390" "name": "29420",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29420"
"name" : "ADV-2008-0924", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0924/references" "name": "APPLE-SA-2008-03-18",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
"name" : "ADV-2008-0905", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0905/references" "name": "27284",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27284"
"name" : "ADV-2008-1697", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1697" "name": "30430",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30430"
"name" : "ADV-2008-2466", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2466" "name": "USN-538-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-538-1"
"name" : "1018849", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018849" "name": "APPLE-SA-2008-05-28",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
"name" : "27093", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27093" "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
"name" : "27284", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27284" "name": "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html",
}, "refsource": "CONFIRM",
{ "url": "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html"
"name" : "27405", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27405" "name": "30161",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30161"
"name" : "27369", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27369" "name": "GLSA-200805-07",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
"name" : "27391", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27391" "name": "DSA-1750",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2009/dsa-1750"
"name" : "27492", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27492" "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.",
}, "refsource": "FULLDISC",
{ "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"
"name" : "27529", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27529" "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
"name" : "27662", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27662" "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
}, "refsource": "MLIST",
{ "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
"name" : "27629", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27629" "name": "http://docs.info.apple.com/article.html?artnum=307562",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=307562"
"name" : "27746", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27746" "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
"name" : "27965", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27965" "name": "GLSA-200711-08",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml"
"name" : "29420", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29420" "name": "ADV-2008-0905",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0905/references"
"name" : "30161", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30161" "name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
"name" : "30430", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30430" "name": "ADV-2008-1697",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/1697"
"name" : "31712", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31712" "name": "SSA:2007-325-01",
}, "refsource": "SLACKWARE",
{ "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323"
"name" : "31713", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31713" "name": "20071112 FLEA-2007-0065-1 libpng",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/483582/100/0/threaded"
"name" : "ADV-2009-1462", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1462" "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm"
"name" : "ADV-2009-1560", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1560" "name": "28276",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/28276"
} },
{
"name": "20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489135/100/0/threaded"
},
{
"name": "ADV-2008-2466",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=337461",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=337461"
},
{
"name": "27629",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27629"
}
]
}
} }

178
2007/5xxx/CVE-2007-5309.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5309", "ID": "CVE-2007-5309",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in admin.wmtgallery.php in the webmaster-tips.net Flash Image Gallery (com_wmtgallery) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4496", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4496" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in admin.wmtgallery.php in the webmaster-tips.net Flash Image Gallery (com_wmtgallery) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter."
{ }
"name" : "20071009 Joomla Flash Image Gallery Component RFI Vulnerability", ]
"refsource" : "VIM", },
"url" : "http://www.attrition.org/pipermail/vim/2007-October/001823.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20071009 Joomla Flash Image Gallery Component RFI Vulnerability", "description": [
"refsource" : "VIM", {
"url" : "http://www.attrition.org/pipermail/vim/2007-October/001824.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25958", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/25958" ]
}, },
{ "references": {
"name" : "ADV-2007-3434", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3434" "name": "20071009 Joomla Flash Image Gallery Component RFI Vulnerability",
}, "refsource": "VIM",
{ "url": "http://www.attrition.org/pipermail/vim/2007-October/001823.html"
"name" : "38645", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38645" "name": "25958",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25958"
"name" : "flashimagegallery-wmtgallery-file-include(37016)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37016" "name": "20071009 Joomla Flash Image Gallery Component RFI Vulnerability",
} "refsource": "VIM",
] "url": "http://www.attrition.org/pipermail/vim/2007-October/001824.html"
} },
{
"name": "ADV-2007-3434",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3434"
},
{
"name": "4496",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4496"
},
{
"name": "flashimagegallery-wmtgallery-file-include(37016)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37016"
},
{
"name": "38645",
"refsource": "OSVDB",
"url": "http://osvdb.org/38645"
}
]
}
} }

118
2007/5xxx/CVE-2007-5552.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5552", "ID": "CVE-2007-5552",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.irmplc.com/index.php/111-Vendor-Alerts", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.irmplc.com/index.php/111-Vendor-Alerts" "lang": "eng",
} "value": "Integer overflow in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.irmplc.com/index.php/111-Vendor-Alerts",
"refsource": "MISC",
"url": "http://www.irmplc.com/index.php/111-Vendor-Alerts"
}
]
}
} }

148
2007/5xxx/CVE-2007-5573.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5573", "ID": "CVE-2007-5573",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in classes/core/language.php in LimeSurvey 1.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4544", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4544" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in classes/core/language.php in LimeSurvey 1.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter."
{ }
"name" : "26110", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/26110" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "27288", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27288" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "limesurvey-language-file-include(37270)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37270" ]
} },
] "references": {
} "reference_data": [
{
"name": "27288",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27288"
},
{
"name": "26110",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26110"
},
{
"name": "4544",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4544"
},
{
"name": "limesurvey-language-file-include(37270)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37270"
}
]
}
} }

138
2009/2xxx/CVE-2009-2531.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2009-2531", "ID": "CVE-2009-2531",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"Uninitialized Memory Corruption Vulnerability,\" a different vulnerability than CVE-2009-2530."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS09-054", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-054" "lang": "eng",
}, "value": "Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"Uninitialized Memory Corruption Vulnerability,\" a different vulnerability than CVE-2009-2530."
{ }
"name" : "TA09-286A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:5766", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5766" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "MS09-054",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-054"
},
{
"name": "TA09-286A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
},
{
"name": "oval:org.mitre.oval:def:5766",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5766"
}
]
}
} }

118
2009/2xxx/CVE-2009-2704.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2704", "ID": "CVE-2009-2704",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CA SiteMinder allows remote attackers to bypass cross-site scripting (XSS) protections for J2EE applications via a request containing a %00 (encoded null byte)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://i8jesus.com/?p=55", "description_data": [
"refsource" : "MISC", {
"url" : "http://i8jesus.com/?p=55" "lang": "eng",
} "value": "CA SiteMinder allows remote attackers to bypass cross-site scripting (XSS) protections for J2EE applications via a request containing a %00 (encoded null byte)."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://i8jesus.com/?p=55",
"refsource": "MISC",
"url": "http://i8jesus.com/?p=55"
}
]
}
} }

32
2009/2xxx/CVE-2009-2759.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2759", "ID": "CVE-2009-2759",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

178
2009/2xxx/CVE-2009-2799.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2799", "ID": "CVE-2009-2799",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT3859", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT3859" "lang": "eng",
}, "value": "Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie file."
{ }
"name" : "http://support.apple.com/kb/HT3937", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT3937" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2009-09-09-2", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2009/Sep/msg00002.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2009-11-09-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html" ]
}, },
{ "references": {
"name" : "36328", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36328" "name": "http://support.apple.com/kb/HT3859",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT3859"
"name" : "oval:org.mitre.oval:def:6405", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6405" "name": "36328",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/36328"
"name" : "ADV-2009-3184", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/3184" "name": "APPLE-SA-2009-09-09-2",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00002.html"
} },
{
"name": "oval:org.mitre.oval:def:6405",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6405"
},
{
"name": "ADV-2009-3184",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"name": "APPLE-SA-2009-11-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name": "http://support.apple.com/kb/HT3937",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3937"
}
]
}
} }

378
2009/2xxx/CVE-2009-2906.json
View File

@ -1,192 +1,192 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-2906", "ID": "CVE-2009-2906",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20091112 rPSA-2009-0145-1 samba samba-client samba-server samba-swat", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/507856/100/0/threaded" "lang": "eng",
}, "value": "smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet."
{ }
"name" : "http://samba.org/samba/security/CVE-2009-2906.html", ]
"refsource" : "CONFIRM", },
"url" : "http://samba.org/samba/security/CVE-2009-2906.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://news.samba.org/releases/3.0.37/", "description": [
"refsource" : "CONFIRM", {
"url" : "http://news.samba.org/releases/3.0.37/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://news.samba.org/releases/3.2.15/", ]
"refsource" : "CONFIRM", }
"url" : "http://news.samba.org/releases/3.2.15/" ]
}, },
{ "references": {
"name" : "http://news.samba.org/releases/3.3.8/", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://news.samba.org/releases/3.3.8/" "name": "http://samba.org/samba/security/CVE-2009-2906.html",
}, "refsource": "CONFIRM",
{ "url": "http://samba.org/samba/security/CVE-2009-2906.html"
"name" : "http://news.samba.org/releases/3.4.2/", },
"refsource" : "CONFIRM", {
"url" : "http://news.samba.org/releases/3.4.2/" "name": "http://news.samba.org/releases/3.4.2/",
}, "refsource": "CONFIRM",
{ "url": "http://news.samba.org/releases/3.4.2/"
"name" : "http://wiki.rpath.com/Advisories:rPSA-2009-0145", },
"refsource" : "CONFIRM", {
"url" : "http://wiki.rpath.com/Advisories:rPSA-2009-0145" "name": "20091112 rPSA-2009-0145-1 samba samba-client samba-server samba-swat",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/507856/100/0/threaded"
"name" : "http://support.apple.com/kb/HT4077", },
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4077" "name": "oval:org.mitre.oval:def:9944",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9944"
"name" : "APPLE-SA-2010-03-29-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" "name": "FEDORA-2009-10172",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00098.html"
"name" : "FEDORA-2009-10172", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00098.html" "name": "APPLE-SA-2010-03-29-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
"name" : "FEDORA-2009-10180", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00095.html" "name": "http://news.samba.org/releases/3.2.15/",
}, "refsource": "CONFIRM",
{ "url": "http://news.samba.org/releases/3.2.15/"
"name" : "SSA:2009-276-01", },
"refsource" : "SLACKWARE", {
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561439" "name": "1021111",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021111.1-1"
"name" : "1021111", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021111.1-1" "name": "58519",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/58519"
"name" : "SUSE-SR:2009:017", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html" "name": "ADV-2009-2810",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/2810"
"name" : "USN-839-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-839-1" "name": "SSA:2009-276-01",
}, "refsource": "SLACKWARE",
{ "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561439"
"name" : "36573", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36573" "name": "37428",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/37428"
"name" : "58519", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/58519" "name": "36937",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36937"
"name" : "oval:org.mitre.oval:def:7090", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7090" "name": "USN-839-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-839-1"
"name" : "oval:org.mitre.oval:def:9944", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9944" "name": "samba-smb-dos(53575)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53575"
"name" : "1022976", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1022976" "name": "http://support.apple.com/kb/HT4077",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT4077"
"name" : "36893", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36893" "name": "36573",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/36573"
"name" : "36918", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36918" "name": "http://news.samba.org/releases/3.0.37/",
}, "refsource": "CONFIRM",
{ "url": "http://news.samba.org/releases/3.0.37/"
"name" : "36937", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36937" "name": "oval:org.mitre.oval:def:7090",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7090"
"name" : "36953", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36953" "name": "36918",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36918"
"name" : "37428", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37428" "name": "1022976",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1022976"
"name" : "ADV-2009-2810", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/2810" "name": "36893",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36893"
"name" : "samba-smb-dos(53575)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53575" "name": "http://news.samba.org/releases/3.3.8/",
} "refsource": "CONFIRM",
] "url": "http://news.samba.org/releases/3.3.8/"
} },
{
"name": "36953",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36953"
},
{
"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0145",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/Advisories:rPSA-2009-0145"
},
{
"name": "SUSE-SR:2009:017",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html"
},
{
"name": "FEDORA-2009-10180",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00095.html"
}
]
}
} }

128
2015/0xxx/CVE-2015-0536.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2015-0536", "ID": "CVE-2015-0536",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allow remote attackers to cause a denial of service (daemon crash) via a ClientKeyExchange message with a length of zero, a similar issue to CVE-2015-1787."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150817 ESA-2015-081: RSA BSAFE Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, SSL-J and SSL-C Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/bugtraq/2015/Aug/84" "lang": "eng",
}, "value": "EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allow remote attackers to cause a denial of service (daemon crash) via a ClientKeyExchange message with a length of zero, a similar issue to CVE-2015-1787."
{ }
"name" : "76377", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/76377" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150817 ESA-2015-081: RSA BSAFE Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, SSL-J and SSL-C Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2015/Aug/84"
},
{
"name": "76377",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76377"
}
]
}
} }

32
2015/0xxx/CVE-2015-0627.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-0627", "ID": "CVE-2015-0627",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2015/0xxx/CVE-2015-0669.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-0669", "ID": "CVE-2015-0669",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 15.4S and 15.4(3)S allows remote attackers to modify configuration settings or cause a denial of service (partial service outage) by sending crafted Autonomic Networking (AN) messages on an intranet network, aka Bug ID CSCup62167."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150319 Cisco IOS Software Autonomic Networking Infrastructure Overwrite Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=37935" "lang": "eng",
}, "value": "The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 15.4S and 15.4(3)S allows remote attackers to modify configuration settings or cause a denial of service (partial service outage) by sending crafted Autonomic Networking (AN) messages on an intranet network, aka Bug ID CSCup62167."
{ }
"name" : "1031967", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1031967" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1031967",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031967"
},
{
"name": "20150319 Cisco IOS Software Autonomic Networking Infrastructure Overwrite Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=37935"
}
]
}
} }

32
2015/3xxx/CVE-2015-3437.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3437", "ID": "CVE-2015-3437",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2015/3xxx/CVE-2015-3519.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3519", "ID": "CVE-2015-3519",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

188
2015/3xxx/CVE-2015-3752.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-3752", "ID": "CVE-2015-3752",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive information via vectors involving (1) a cross-origin request or (2) a private-browsing request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/kb/HT205030", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205030" "lang": "eng",
}, "value": "The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive information via vectors involving (1) a cross-origin request or (2) a private-browsing request."
{ }
"name" : "https://support.apple.com/kb/HT205033", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/kb/HT205033" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2015-08-13-1", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-08-13-3", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2016:0915", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html" "name": "1033274",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033274"
"name" : "USN-2937-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2937-1" "name": "https://support.apple.com/kb/HT205030",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/kb/HT205030"
"name" : "76341", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76341" "name": "APPLE-SA-2015-08-13-3",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html"
"name" : "1033274", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033274" "name": "openSUSE-SU-2016:0915",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html"
} },
{
"name": "76341",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76341"
},
{
"name": "APPLE-SA-2015-08-13-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html"
},
{
"name": "https://support.apple.com/kb/HT205033",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205033"
},
{
"name": "USN-2937-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2937-1"
}
]
}
} }

32
2015/4xxx/CVE-2015-4150.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4150", "ID": "CVE-2015-4150",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2015/4xxx/CVE-2015-4337.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4337", "ID": "CVE-2015-4337",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the excl_manual parameter in the xcloner_show page to wpadmin/plugins.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/132107/WordPress-XCloner-3.1.2-XSS-Command-Execution.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/132107/WordPress-XCloner-3.1.2-XSS-Command-Execution.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the excl_manual parameter in the xcloner_show page to wpadmin/plugins.php."
{ }
"name" : "http://www.vapid.dhs.org/advisory.php?v=121", ]
"refsource" : "MISC", },
"url" : "http://www.vapid.dhs.org/advisory.php?v=121" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "74943", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74943" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "74943",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74943"
},
{
"name": "http://packetstormsecurity.com/files/132107/WordPress-XCloner-3.1.2-XSS-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132107/WordPress-XCloner-3.1.2-XSS-Command-Execution.html"
},
{
"name": "http://www.vapid.dhs.org/advisory.php?v=121",
"refsource": "MISC",
"url": "http://www.vapid.dhs.org/advisory.php?v=121"
}
]
}
} }

178
2015/4xxx/CVE-2015-4374.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4374", "ID": "CVE-2015-4374",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Webform module before 6.x-3.23, 7.x-3.x before 7.x-3.23, and 7.x-4.x before 7.x-4.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a component name in the recipient (To) address of an email."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150322 CVE requests for Drupal contributed modules", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/03/22/35" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Webform module before 6.x-3.23, 7.x-3.x before 7.x-3.23, and 7.x-4.x before 7.x-4.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a component name in the recipient (To) address of an email."
{ }
"name" : "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2015/04/25/6" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.drupal.org/node/2454903", "description": [
"refsource" : "MISC", {
"url" : "https://www.drupal.org/node/2454903" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.drupal.org/node/2454055", ]
"refsource" : "CONFIRM", }
"url" : "https://www.drupal.org/node/2454055" ]
}, },
{ "references": {
"name" : "https://www.drupal.org/node/2454059", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/node/2454059" "name": "https://www.drupal.org/node/2454055",
}, "refsource": "CONFIRM",
{ "url": "https://www.drupal.org/node/2454055"
"name" : "https://www.drupal.org/node/2454063", },
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/node/2454063" "name": "https://www.drupal.org/node/2454059",
}, "refsource": "CONFIRM",
{ "url": "https://www.drupal.org/node/2454059"
"name" : "73215", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73215" "name": "https://www.drupal.org/node/2454063",
} "refsource": "CONFIRM",
] "url": "https://www.drupal.org/node/2454063"
} },
{
"name": "[oss-security] 20150322 CVE requests for Drupal contributed modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/22/35"
},
{
"name": "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/04/25/6"
},
{
"name": "73215",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73215"
},
{
"name": "https://www.drupal.org/node/2454903",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2454903"
}
]
}
} }

148
2015/4xxx/CVE-2015-4472.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4472", "ID": "CVE-2015-4472",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CHM file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150203 Possible CVE Requests: libmspack: several issues", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2015/02/03/11" "lang": "eng",
}, "value": "Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CHM file."
{ }
"name" : "https://bugs.debian.org/775687", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.debian.org/775687" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201506-01", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201506-01" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "72490", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/72490" ]
} },
] "references": {
} "reference_data": [
{
"name": "[oss-security] 20150203 Possible CVE Requests: libmspack: several issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2015/02/03/11"
},
{
"name": "GLSA-201506-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201506-01"
},
{
"name": "https://bugs.debian.org/775687",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/775687"
},
{
"name": "72490",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72490"
}
]
}
} }

118
2015/4xxx/CVE-2015-4778.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4778", "ID": "CVE-2015-4778",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2583, CVE-2015-2624, CVE-2015-2626, CVE-2015-2640, CVE-2015-2654, CVE-2015-2656, CVE-2015-4754, CVE-2015-4764, CVE-2015-4775, CVE-2015-4776, CVE-2015-4777, CVE-2015-4780, CVE-2015-4781, CVE-2015-4782, CVE-2015-4783, CVE-2015-4784, CVE-2015-4785, CVE-2015-4786, CVE-2015-4787, CVE-2015-4789, and CVE-2015-4790."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" "lang": "eng",
} "value": "Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2583, CVE-2015-2624, CVE-2015-2626, CVE-2015-2640, CVE-2015-2654, CVE-2015-2656, CVE-2015-4754, CVE-2015-4764, CVE-2015-4775, CVE-2015-4776, CVE-2015-4777, CVE-2015-4780, CVE-2015-4781, CVE-2015-4782, CVE-2015-4783, CVE-2015-4784, CVE-2015-4785, CVE-2015-4786, CVE-2015-4787, CVE-2015-4789, and CVE-2015-4790."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
}
]
}
} }

128
2015/8xxx/CVE-2015-8085.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8085", "ID": "CVE-2015-8085",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 make it easier for remote authenticated administrators to obtain and decrypt passwords by leveraging selection of a reversible encryption algorithm."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.huawei.com/en/psirt/security-advisories/hw-455876", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.huawei.com/en/psirt/security-advisories/hw-455876" "lang": "eng",
}, "value": "Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 make it easier for remote authenticated administrators to obtain and decrypt passwords by leveraging selection of a reversible encryption algorithm."
{ }
"name" : "76897", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/76897" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "76897",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76897"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/hw-455876",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/hw-455876"
}
]
}
} }

32
2015/8xxx/CVE-2015-8517.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8517", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8517",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

228
2015/8xxx/CVE-2015-8711.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8711", "ID": "CVE-2015-8711",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-31.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-31.html" "lang": "eng",
}, "value": "epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet."
{ }
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11835", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11835" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11841", ]
"refsource" : "CONFIRM", }
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11841" ]
}, },
{ "references": {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=23379ae3624df82c170f48e5bb3250a97ec61c13", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=23379ae3624df82c170f48e5bb3250a97ec61c13" "name": "http://www.wireshark.org/security/wnpa-sec-2015-31.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.wireshark.org/security/wnpa-sec-2015-31.html"
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5b4ada17723ed8af7e85cb48d537437ed614e417", },
"refsource" : "CONFIRM", {
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5b4ada17723ed8af7e85cb48d537437ed614e417" "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5b4ada17723ed8af7e85cb48d537437ed614e417",
}, "refsource": "CONFIRM",
{ "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5b4ada17723ed8af7e85cb48d537437ed614e417"
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5bf565690ad9f0771196d8fa237aa37fae3bb7cc", },
"refsource" : "CONFIRM", {
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5bf565690ad9f0771196d8fa237aa37fae3bb7cc" "name": "DSA-3505",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3505"
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" "name": "79814",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/79814"
"name" : "DSA-3505", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3505" "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5bf565690ad9f0771196d8fa237aa37fae3bb7cc",
}, "refsource": "CONFIRM",
{ "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5bf565690ad9f0771196d8fa237aa37fae3bb7cc"
"name" : "GLSA-201604-05", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201604-05" "name": "GLSA-201604-05",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201604-05"
"name" : "79814", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/79814" "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
"name" : "1034551", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034551" "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=23379ae3624df82c170f48e5bb3250a97ec61c13",
} "refsource": "CONFIRM",
] "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=23379ae3624df82c170f48e5bb3250a97ec61c13"
} },
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602"
},
{
"name": "1034551",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034551"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11835",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11835"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11841",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11841"
}
]
}
} }

248
2015/8xxx/CVE-2015-8783.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2015-8783", "ID": "CVE-2015-8783",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160124 CVE Request: tiff: Out-of-bounds write for invalid images using LogL compression", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/01/24/3" "lang": "eng",
}, "value": "tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image."
{ }
"name" : "[oss-security] 20160124 Re: CVE Request: tiff: Out-of-bounds write for invalid images using LogL compression", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/01/24/7" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2522", "description": [
"refsource" : "CONFIRM", {
"url" : "http://bugzilla.maptools.org/show_bug.cgi?id=2522" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" ]
}, },
{ "references": {
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "name": "openSUSE-SU-2016:0414",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html"
"name" : "DSA-3467", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3467" "name": "RHSA-2016:1547",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html"
"name" : "GLSA-201701-16", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-16" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
"name" : "RHSA-2016:1546", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1546.html" "name": "81730",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/81730"
"name" : "RHSA-2016:1547", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1547.html" "name": "openSUSE-SU-2016:0405",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html"
"name" : "openSUSE-SU-2016:0405", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html" "name": "USN-2939-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2939-1"
"name" : "openSUSE-SU-2016:0414", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html" "name": "[oss-security] 20160124 Re: CVE Request: tiff: Out-of-bounds write for invalid images using LogL compression",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/01/24/7"
"name" : "USN-2939-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2939-1" "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2522",
}, "refsource": "CONFIRM",
{ "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2522"
"name" : "81730", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/81730" "name": "GLSA-201701-16",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201701-16"
} },
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "RHSA-2016:1546",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html"
},
{
"name": "[oss-security] 20160124 CVE Request: tiff: Out-of-bounds write for invalid images using LogL compression",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/24/3"
},
{
"name": "DSA-3467",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3467"
}
]
}
} }

228
2015/8xxx/CVE-2015-8866.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8866", "ID": "CVE-2015-8866",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document, a related issue to CVE-2015-5161."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160423 Re: CVE request: PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/04/24/1" "lang": "eng",
}, "value": "ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document, a related issue to CVE-2015-5161."
{ }
"name" : "http://git.php.net/?p=php-src.git;a=commit;h=de31324c221c1791b26350ba106cc26bad23ace9", ]
"refsource" : "CONFIRM", },
"url" : "http://git.php.net/?p=php-src.git;a=commit;h=de31324c221c1791b26350ba106cc26bad23ace9" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.php.net/ChangeLog-5.php", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.php.net/ChangeLog-5.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1509817", ]
"refsource" : "CONFIRM", }
"url" : "https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1509817" ]
}, },
{ "references": {
"name" : "https://bugs.php.net/bug.php?id=64938", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.php.net/bug.php?id=64938" "name": "USN-2952-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2952-1"
"name" : "RHSA-2016:2750", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html" "name": "http://git.php.net/?p=php-src.git;a=commit;h=de31324c221c1791b26350ba106cc26bad23ace9",
}, "refsource": "CONFIRM",
{ "url": "http://git.php.net/?p=php-src.git;a=commit;h=de31324c221c1791b26350ba106cc26bad23ace9"
"name" : "SUSE-SU-2016:1277", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00033.html" "name": "https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1509817",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1509817"
"name" : "openSUSE-SU-2016:1274", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00031.html" "name": "RHSA-2016:2750",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
"name" : "openSUSE-SU-2016:1373", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00056.html" "name": "USN-2952-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2952-2"
"name" : "USN-2952-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2952-1" "name": "http://www.php.net/ChangeLog-5.php",
}, "refsource": "CONFIRM",
{ "url": "http://www.php.net/ChangeLog-5.php"
"name" : "USN-2952-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2952-2" "name": "https://bugs.php.net/bug.php?id=64938",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.php.net/bug.php?id=64938"
"name" : "87470", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/87470" "name": "87470",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/87470"
} },
{
"name": "openSUSE-SU-2016:1274",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00031.html"
},
{
"name": "SUSE-SU-2016:1277",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00033.html"
},
{
"name": "[oss-security] 20160423 Re: CVE request: PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/04/24/1"
},
{
"name": "openSUSE-SU-2016:1373",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00056.html"
}
]
}
} }

118
2015/8xxx/CVE-2015-8989.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"ID" : "CVE-2015-8989", "ID": "CVE-2015-8989",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "McAfee Vulnerability Manager (MVM)", "product_name": "McAfee Vulnerability Manager (MVM)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.5.8 and earlier" "version_value": "7.5.8 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Intel" "vendor_name": "Intel"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unsalted password vulnerability in the Enterprise Manager (web portal) component in Intel Security McAfee Vulnerability Manager (MVM) 7.5.8 and earlier allows attackers to more easily decrypt user passwords via brute force attacks against the database."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Unsalted password vulnerability"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10117", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10117" "lang": "eng",
} "value": "Unsalted password vulnerability in the Enterprise Manager (web portal) component in Intel Security McAfee Vulnerability Manager (MVM) 7.5.8 and earlier allows attackers to more easily decrypt user passwords via brute force attacks against the database."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unsalted password vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10117",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10117"
}
]
}
} }

138
2015/9xxx/CVE-2015-9260.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-9260", "ID": "CVE-2015-9260",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in BEdita before 3.7.0. A cross-site scripting (XSS) attack occurs via a crafted pages/showObjects URI, as demonstrated by appending a payload to a pages/showObjects/2/0/0/leafs URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/bedita/bedita/issues/755#issuecomment-148036760", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/bedita/bedita/issues/755#issuecomment-148036760" "lang": "eng",
}, "value": "An issue was discovered in BEdita before 3.7.0. A cross-site scripting (XSS) attack occurs via a crafted pages/showObjects URI, as demonstrated by appending a payload to a pages/showObjects/2/0/0/leafs URI."
{ }
"name" : "https://github.com/bedita/bedita/releases/tag/v3.7.0", ]
"refsource" : "MISC", },
"url" : "https://github.com/bedita/bedita/releases/tag/v3.7.0" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/cybersecurityworks/Disclosed/issues/8", "description": [
"refsource" : "MISC", {
"url" : "https://github.com/cybersecurityworks/Disclosed/issues/8" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/bedita/bedita/releases/tag/v3.7.0",
"refsource": "MISC",
"url": "https://github.com/bedita/bedita/releases/tag/v3.7.0"
},
{
"name": "https://github.com/bedita/bedita/issues/755#issuecomment-148036760",
"refsource": "MISC",
"url": "https://github.com/bedita/bedita/issues/755#issuecomment-148036760"
},
{
"name": "https://github.com/cybersecurityworks/Disclosed/issues/8",
"refsource": "MISC",
"url": "https://github.com/cybersecurityworks/Disclosed/issues/8"
}
]
}
} }

178
2016/1xxx/CVE-2016-1984.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2016-1984", "ID": "CVE-2016-1984",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2015-8362."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160121 SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2016/Jan/63" "lang": "eng",
}, "value": "The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2015-8362."
{ }
"name" : "http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html", ]
"refsource" : "MISC", },
"url" : "http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_AMX_Deliberately_hidden_backdoor_account_v10.txt", "description": [
"refsource" : "MISC", {
"url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_AMX_Deliberately_hidden_backdoor_account_v10.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-049-02", ]
"refsource" : "MISC", }
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-049-02" ]
}, },
{ "references": {
"name" : "http://www.amx.com/techcenter/NXSecurityBrief/", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.amx.com/techcenter/NXSecurityBrief/" "name": "VU#992624",
}, "refsource": "CERT-VN",
{ "url": "https://www.kb.cert.org/vuls/id/992624"
"name" : "http://www.amx.com/techcenter/firmware.asp?Category=Hot%20Fix%20Files", },
"refsource" : "CONFIRM", {
"url" : "http://www.amx.com/techcenter/firmware.asp?Category=Hot%20Fix%20Files" "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-049-02",
}, "refsource": "MISC",
{ "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-049-02"
"name" : "VU#992624", },
"refsource" : "CERT-VN", {
"url" : "https://www.kb.cert.org/vuls/id/992624" "name": "20160121 SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices",
} "refsource": "FULLDISC",
] "url": "http://seclists.org/fulldisclosure/2016/Jan/63"
} },
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_AMX_Deliberately_hidden_backdoor_account_v10.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_AMX_Deliberately_hidden_backdoor_account_v10.txt"
},
{
"name": "http://www.amx.com/techcenter/firmware.asp?Category=Hot%20Fix%20Files",
"refsource": "CONFIRM",
"url": "http://www.amx.com/techcenter/firmware.asp?Category=Hot%20Fix%20Files"
},
{
"name": "http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html",
"refsource": "MISC",
"url": "http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html"
},
{
"name": "http://www.amx.com/techcenter/NXSecurityBrief/",
"refsource": "CONFIRM",
"url": "http://www.amx.com/techcenter/NXSecurityBrief/"
}
]
}
} }

158
2016/5xxx/CVE-2016-5218.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-5218", "ID": "CVE-2016-5218",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android", "product_name": "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android" "version_value": "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox (URL bar) via a crafted HTML page containing PDF data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "insufficient policy enforcement"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html" "lang": "eng",
}, "value": "The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox (URL bar) via a crafted HTML page containing PDF data."
{ }
"name" : "https://crbug.com/660498", ]
"refsource" : "CONFIRM", },
"url" : "https://crbug.com/660498" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201612-11", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201612-11" "lang": "eng",
}, "value": "insufficient policy enforcement"
{ }
"name" : "RHSA-2016:2919", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2919.html" ]
}, },
{ "references": {
"name" : "94633", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94633" "name": "RHSA-2016:2919",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2016-2919.html"
} },
{
"name": "https://crbug.com/660498",
"refsource": "CONFIRM",
"url": "https://crbug.com/660498"
},
{
"name": "94633",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94633"
},
{
"name": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html"
},
{
"name": "GLSA-201612-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-11"
}
]
}
} }

32
2016/5xxx/CVE-2016-5378.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5378", "ID": "CVE-2016-5378",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2016/5xxx/CVE-2016-5551.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-5551", "ID": "CVE-2016-5551",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Solaris Cluster", "product_name": "Solaris Cluster",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "4.3" "version_value": "4.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). The supported version that is affected is 4.3. Easily \"exploitable\" vulnerability allows unauthenticated attacker with logon to the infrastructure where Solaris Cluster executes to compromise Solaris Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Solaris Cluster accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily \"exploitable\" vulnerability allows unauthenticated attacker with logon to the infrastructure where Solaris Cluster executes to compromise Solaris Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Solaris Cluster accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html" "lang": "eng",
}, "value": "Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: NAS device addition). The supported version that is affected is 4.3. Easily \"exploitable\" vulnerability allows unauthenticated attacker with logon to the infrastructure where Solaris Cluster executes to compromise Solaris Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Solaris Cluster accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)."
{ }
"name" : "97803", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97803" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038292", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038292" "lang": "eng",
} "value": "Easily \"exploitable\" vulnerability allows unauthenticated attacker with logon to the infrastructure where Solaris Cluster executes to compromise Solaris Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Solaris Cluster accessible data."
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "97803",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97803"
},
{
"name": "1038292",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038292"
}
]
}
} }

164
2016/5xxx/CVE-2016-5932.json
View File

@ -1,85 +1,85 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-5932", "ID": "CVE-2016-5932",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Connections", "product_name": "Connections",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "4.5" "version_value": "4.5"
}, },
{ {
"version_value" : "3.0" "version_value": "3.0"
}, },
{ {
"version_value" : "3.0.1" "version_value": "3.0.1"
}, },
{ {
"version_value" : "3.0.1.1" "version_value": "3.0.1.1"
}, },
{ {
"version_value" : "4.0" "version_value": "4.0"
}, },
{ {
"version_value" : "5.0" "version_value": "5.0"
}, },
{ {
"version_value" : "5.5" "version_value": "5.5"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Connections 4.0, 4.5, 5.0, and 5.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998294."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21998294", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21998294" "lang": "eng",
}, "value": "IBM Connections 4.0, 4.5, 5.0, and 5.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1998294."
{ }
"name" : "96453", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/96453" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96453",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96453"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21998294",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998294"
}
]
}
} }

124
2018/1999xxx/CVE-2018-1999042.json
View File

@ -1,65 +1,65 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-08-18T21:50:59.833537", "DATE_ASSIGNED": "2018-08-18T21:50:59.833537",
"DATE_REQUESTED" : "2018-08-15T00:00:00", "DATE_REQUESTED": "2018-08-15T00:00:00",
"ID" : "CVE-2018-1999042", "ID": "CVE-2018-1999042",
"REQUESTER" : "ml@beckweb.net", "REQUESTER": "ml@beckweb.net",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Jenkins", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.137 and earlier, 2.121.2 and earlier" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Jenkins project" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in XStream2.java that allows attackers to have Jenkins resolve a domain name when deserializing an instance of java.net.URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-502"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://jenkins.io/security/advisory/2018-08-15/#SECURITY-637", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://jenkins.io/security/advisory/2018-08-15/#SECURITY-637" "lang": "eng",
} "value": "A vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in XStream2.java that allows attackers to have Jenkins resolve a domain name when deserializing an instance of java.net.URL."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2018-08-15/#SECURITY-637",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2018-08-15/#SECURITY-637"
}
]
}
} }

32
2018/2xxx/CVE-2018-2351.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2351", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2351",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

32
2018/2xxx/CVE-2018-2549.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-2549", "ID": "CVE-2018-2549",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2018/2xxx/CVE-2018-2874.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2874", "ID": "CVE-2018-2874",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Application Object Library", "product_name": "Application Object Library",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.1.3" "version_value": "12.1.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Logging). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows physical access to compromise Oracle Application Object Library. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Application Object Library accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows physical access to compromise Oracle Application Object Library. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Application Object Library accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Logging). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows physical access to compromise Oracle Application Object Library. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Application Object Library accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)."
{ }
"name" : "103878", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103878" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040694", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040694" "lang": "eng",
} "value": "Easily exploitable vulnerability allows physical access to compromise Oracle Application Object Library. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Application Object Library accessible data."
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1040694",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040694"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "103878",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103878"
}
]
}
} }

32
2018/6xxx/CVE-2018-6125.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6125", "ID": "CVE-2018-6125",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

148
2018/6xxx/CVE-2018-6212.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6212", "ID": "CVE-2018-6212",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, a reflected Cross-Site Scripting (XSS) attack is possible as a result of missed filtration for special characters in the \"Search\" field and incorrect processing of the XMLHttpRequest object."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.securitynewspaper.com/2018/05/25/d-link-dir-620-routers-critical-vulnerabilities/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.securitynewspaper.com/2018/05/25/d-link-dir-620-routers-critical-vulnerabilities/" "lang": "eng",
}, "value": "On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, a reflected Cross-Site Scripting (XSS) attack is possible as a result of missed filtration for special characters in the \"Search\" field and incorrect processing of the XMLHttpRequest object."
{ }
"name" : "https://securelist.com/backdoors-in-d-links-backyard/85530/", ]
"refsource" : "MISC", },
"url" : "https://securelist.com/backdoors-in-d-links-backyard/85530/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://securityaffairs.co/wordpress/72839/hacking/d-link-dir-620-flaws.html", "description": [
"refsource" : "MISC", {
"url" : "https://securityaffairs.co/wordpress/72839/hacking/d-link-dir-620-flaws.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.bleepingcomputer.com/news/security/backdoor-account-found-in-d-link-dir-620-routers/", ]
"refsource" : "MISC", }
"url" : "https://www.bleepingcomputer.com/news/security/backdoor-account-found-in-d-link-dir-620-routers/" ]
} },
] "references": {
} "reference_data": [
{
"name": "https://securityaffairs.co/wordpress/72839/hacking/d-link-dir-620-flaws.html",
"refsource": "MISC",
"url": "https://securityaffairs.co/wordpress/72839/hacking/d-link-dir-620-flaws.html"
},
{
"name": "https://www.bleepingcomputer.com/news/security/backdoor-account-found-in-d-link-dir-620-routers/",
"refsource": "MISC",
"url": "https://www.bleepingcomputer.com/news/security/backdoor-account-found-in-d-link-dir-620-routers/"
},
{
"name": "https://securelist.com/backdoors-in-d-links-backyard/85530/",
"refsource": "MISC",
"url": "https://securelist.com/backdoors-in-d-links-backyard/85530/"
},
{
"name": "http://www.securitynewspaper.com/2018/05/25/d-link-dir-620-routers-critical-vulnerabilities/",
"refsource": "MISC",
"url": "http://www.securitynewspaper.com/2018/05/25/d-link-dir-620-routers-critical-vulnerabilities/"
}
]
}
} }

32
2019/0xxx/CVE-2019-0362.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0362", "ID": "CVE-2019-0362",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/0xxx/CVE-2019-0759.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0759", "ID": "CVE-2019-0759",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/0xxx/CVE-2019-0988.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0988", "ID": "CVE-2019-0988",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/1xxx/CVE-2019-1061.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1061", "ID": "CVE-2019-1061",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/1xxx/CVE-2019-1510.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1510", "ID": "CVE-2019-1510",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

398
2019/1xxx/CVE-2019-1598.json
View File

@ -1,202 +1,202 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC" : "2019-03-06T16:00:00-0800", "DATE_PUBLIC": "2019-03-06T16:00:00-0800",
"ID" : "CVE-2019-1598", "ID": "CVE-2019-1598",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities" "TITLE": "Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Firepower 4100 Series Next-Generation Firewalls", "product_name": "Firepower 4100 Series Next-Generation Firewalls",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "2.0.1.201" "version_value": "2.0.1.201"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "2.2.2.54" "version_value": "2.2.2.54"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "2.3.1.75" "version_value": "2.3.1.75"
} }
] ]
} }
}, },
{ {
"product_name" : "Firepower 9300 Security Appliance", "product_name": "Firepower 9300 Security Appliance",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "2.0.1.201" "version_value": "2.0.1.201"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "2.2.2.54" "version_value": "2.2.2.54"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "2.3.1.75" "version_value": "2.3.1.75"
} }
] ]
} }
}, },
{ {
"product_name" : "MDS 9000 Series Multilayer Switches", "product_name": "MDS 9000 Series Multilayer Switches",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "8.2(1)" "version_value": "8.2(1)"
} }
] ]
} }
}, },
{ {
"product_name" : "Nexus 3000 Series Switches", "product_name": "Nexus 3000 Series Switches",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "7.0(3)I7(1)" "version_value": "7.0(3)I7(1)"
} }
] ]
} }
}, },
{ {
"product_name" : "Nexus 3500 Platform Switches ", "product_name": "Nexus 3500 Platform Switches ",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "7.0(3)I7(2)" "version_value": "7.0(3)I7(2)"
} }
] ]
} }
}, },
{ {
"product_name" : "Nexus 7000 and 7700 Series Switches", "product_name": "Nexus 7000 and 7700 Series Switches",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "6.2(20)" "version_value": "6.2(20)"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "7.3(2)D1(1)" "version_value": "7.3(2)D1(1)"
}, },
{ {
"affected" : "<", "affected": "<",
"version_value" : "8.2(1)" "version_value": "8.2(1)"
} }
] ]
} }
}, },
{ {
"product_name" : "Nexus 9000 Series Switches in Standalone NX-OS Mode ", "product_name": "Nexus 9000 Series Switches in Standalone NX-OS Mode ",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "7.0(3)I7(1)" "version_value": "7.0(3)I7(1)"
} }
] ]
} }
}, },
{ {
"product_name" : "UCS 6200 and 6300 Fabric Interconnect", "product_name": "UCS 6200 and 6300 Fabric Interconnect",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "3.2(2b)" "version_value": "3.2(2b)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cisco" "vendor_name": "Cisco"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets by an affected device. An attacker could exploit these vulnerabilities by sending an LDAP packet crafted using Basic Encoding Rules (BER) to an affected device. The LDAP packet must have a source IP address of an LDAP server configured on the targeted device. A successful exploit could cause the affected device to reload, resulting in a DoS condition. Firepower 4100 Series Next-Generation Firewalls are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. Firepower 9300 Security Appliances are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. MDS 9000 Series Multilayer Switches are affected in versions prior to 8.2(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(1). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(2). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(20), 7.3(2)D1(1), and 8.2(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(1). UCS 6200 and 6300 Fabric Interconnect are affected in versions prior to 3.2(2b)."
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. "
}
],
"impact" : {
"cvss" : {
"baseScore" : "8.6",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H ",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-20"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20190306 Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities", "description_data": [
"refsource" : "CISCO", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxosldap" "lang": "eng",
}, "value": "Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets by an affected device. An attacker could exploit these vulnerabilities by sending an LDAP packet crafted using Basic Encoding Rules (BER) to an affected device. The LDAP packet must have a source IP address of an LDAP server configured on the targeted device. A successful exploit could cause the affected device to reload, resulting in a DoS condition. Firepower 4100 Series Next-Generation Firewalls are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. Firepower 9300 Security Appliances are affected in versions prior to 2.0.1.201, 2.2.2.54, and 2.3.1.75. MDS 9000 Series Multilayer Switches are affected in versions prior to 8.2(1). Nexus 3000 Series Switches are affected in versions prior to 7.0(3)I7(1). Nexus 3500 Platform Switches are affected in versions prior to 7.0(3)I7(2). Nexus 7000 and 7700 Series Switches are affected in versions prior to 6.2(20), 7.3(2)D1(1), and 8.2(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected in versions prior to 7.0(3)I7(1). UCS 6200 and 6300 Fabric Interconnect are affected in versions prior to 3.2(2b)."
{ }
"name" : "107394", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/107394" "exploit": [
} {
] "lang": "eng",
}, "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. "
"source" : { }
"advisory" : "cisco-sa-20190306-nxosldap", ],
"defect" : [ "impact": {
[ "cvss": {
"CSCvd40241", "baseScore": "8.6",
"CSCvd57308", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H ",
"CSCve02855", "version": "3.0"
"CSCve02858", }
"CSCve02865", },
"CSCve02867", "problemtype": {
"CSCve02871", "problemtype_data": [
"CSCve57816", {
"CSCve57820", "description": [
"CSCve58224" {
] "lang": "eng",
], "value": "CWE-20"
"discovery" : "INTERNAL" }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "20190306 Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxosldap"
},
{
"name": "107394",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107394"
}
]
},
"source": {
"advisory": "cisco-sa-20190306-nxosldap",
"defect": [
[
"CSCvd40241",
"CSCvd57308",
"CSCve02855",
"CSCve02858",
"CSCve02865",
"CSCve02867",
"CSCve02871",
"CSCve57816",
"CSCve57820",
"CSCve58224"
]
],
"discovery": "INTERNAL"
}
} }

32
2019/1xxx/CVE-2019-1883.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1883", "ID": "CVE-2019-1883",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5350.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5350", "ID": "CVE-2019-5350",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5462.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5462", "ID": "CVE-2019-5462",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5574.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5574", "ID": "CVE-2019-5574",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5745.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5745", "ID": "CVE-2019-5745",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }