admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:09:07 +00:00
parent d2d532d7bd
commit ef044dae77
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
65 changed files with 4131 additions and 4131 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
2007/0xxx/CVE-2007-0020.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0020",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0020",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the SFTP protocol handler for Panic Transmit (Transmit.app) up to 3.5.5 allows remote attackers to execute arbitrary code via a long ftps:// URL."
"lang": "eng",
"value": "Heap-based buffer overflow in the SFTP protocol handler for Panic Transmit (Transmit.app) up to 3.5.5 allows remote attackers to execute arbitrary code via a long ftps:// URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://projects.info-pull.com/moab/MOAB-19-01-2007.html",
"refsource" : "MISC",
"url" : "http://projects.info-pull.com/moab/MOAB-19-01-2007.html"
"name": "transmit-url-handler-bo(31673)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31673"
},
{
"name" : "3160",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3160"
"name": "22145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22145"
},
{
"name" : "22145",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22145"
"name": "23861",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23861"
},
{
"name" : "ADV-2007-0273",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0273"
"name": "http://projects.info-pull.com/moab/MOAB-19-01-2007.html",
"refsource": "MISC",
"url": "http://projects.info-pull.com/moab/MOAB-19-01-2007.html"
},
{
"name" : "32694",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32694"
"name": "3160",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3160"
},
{
"name" : "23861",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23861"
"name": "ADV-2007-0273",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0273"
},
{
"name" : "transmit-url-handler-bo(31673)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31673"
"name": "32694",
"refsource": "OSVDB",
"url": "http://osvdb.org/32694"
}
]
}

98
2007/0xxx/CVE-2007-0185.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0185",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0185",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to cause a denial of service (memory exhaustion and servlet outage) via unknown vectors related to a large number of calls in a batch."
"lang": "eng",
"value": "Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to cause a denial of service (memory exhaustion and servlet outage) via unknown vectors related to a large number of calls in a batch."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://getahead.ltd.uk/dwr/changelog",
"refsource" : "CONFIRM",
"url" : "http://getahead.ltd.uk/dwr/changelog"
"name": "32658",
"refsource": "OSVDB",
"url": "http://osvdb.org/32658"
},
{
"name" : "SUSE-SR:2009:004",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
"name": "23641",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23641"
},
{
"name" : "21955",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21955"
"name": "http://getahead.ltd.uk/dwr/changelog",
"refsource": "CONFIRM",
"url": "http://getahead.ltd.uk/dwr/changelog"
},
{
"name" : "ADV-2007-0095",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0095"
"name": "ADV-2007-0095",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0095"
},
{
"name" : "32658",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32658"
"name": "SUSE-SR:2009:004",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
},
{
"name" : "23641",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23641"
"name": "21955",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21955"
},
{
"name" : "dwr-servlet-engine-dos(31382)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31382"
"name": "dwr-servlet-engine-dos(31382)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31382"
}
]
}

290
2007/0xxx/CVE-2007-0907.json
View File

@ -1,251 +1,251 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0907",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0907",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function."
"lang": "eng",
"value": "Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070227 rPSA-2007-0043-1 php php-mysql php-pgsql",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/461462/100/0/threaded"
"name": "DSA-1264",
"refsource": "DEBIAN",
"url": "http://www.us.debian.org/security/2007/dsa-1264"
},
{
"name" : "http://www.php.net/ChangeLog-5.php#5.2.1",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/ChangeLog-5.php#5.2.1"
"name": "24295",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24295"
},
{
"name" : "http://www.php.net/releases/5_2_1.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/releases/5_2_1.php"
"name": "2007-0009",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0009/"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1088",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1088"
"name": "OpenPKG-SA-2007.010",
"refsource": "OPENPKG",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm"
"name": "24195",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24195"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm"
"name": "1017671",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017671"
},
{
"name" : "DSA-1264",
"refsource" : "DEBIAN",
"url" : "http://www.us.debian.org/security/2007/dsa-1264"
"name": "32767",
"refsource": "OSVDB",
"url": "http://osvdb.org/32767"
},
{
"name" : "GLSA-200703-21",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200703-21.xml"
"name": "24606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24606"
},
{
"name" : "MDKSA-2007:048",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:048"
"name": "24642",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24642"
},
{
"name" : "OpenPKG-SA-2007.010",
"refsource" : "OPENPKG",
"url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html"
"name": "24217",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24217"
},
{
"name" : "RHSA-2007:0076",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0076.html"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm"
},
{
"name" : "RHSA-2007:0081",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0081.html"
"name": "24248",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24248"
},
{
"name" : "RHSA-2007:0089",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0089.html"
"name": "24514",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24514"
},
{
"name" : "RHSA-2007:0088",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0088.html"
"name": "22496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22496"
},
{
"name" : "RHSA-2007:0082",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0082.html"
"name": "https://issues.rpath.com/browse/RPL-1088",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1088"
},
{
"name" : "20070201-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
"name": "24284",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24284"
},
{
"name" : "SUSE-SA:2007:020",
"refsource" : "SUSE",
"url" : "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html"
"name": "USN-424-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-424-2"
},
{
"name" : "2007-0009",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2007/0009/"
"name": "http://www.php.net/releases/5_2_1.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/releases/5_2_1.php"
},
{
"name" : "USN-424-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-424-1"
"name": "GLSA-200703-21",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"name" : "USN-424-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-424-2"
"name": "24432",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24432"
},
{
"name" : "22496",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22496"
"name": "24421",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24421"
},
{
"name" : "oval:org.mitre.oval:def:11321",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11321"
"name": "24089",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24089"
},
{
"name" : "ADV-2007-0546",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0546"
"name": "SUSE-SA:2007:020",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html"
},
{
"name" : "32767",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32767"
"name": "RHSA-2007:0076",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0076.html"
},
{
"name" : "1017671",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017671"
"name": "24419",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24419"
},
{
"name" : "24089",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24089"
"name": "RHSA-2007:0089",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0089.html"
},
{
"name" : "24195",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24195"
"name": "RHSA-2007:0088",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0088.html"
},
{
"name" : "24217",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24217"
"name": "20070227 rPSA-2007-0043-1 php php-mysql php-pgsql",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/461462/100/0/threaded"
},
{
"name" : "24248",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24248"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm"
},
{
"name" : "24236",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24236"
"name": "RHSA-2007:0082",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0082.html"
},
{
"name" : "24295",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24295"
"name": "oval:org.mitre.oval:def:11321",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11321"
},
{
"name" : "24322",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24322"
"name": "20070201-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
},
{
"name" : "24432",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24432"
"name": "http://www.php.net/ChangeLog-5.php#5.2.1",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-5.php#5.2.1"
},
{
"name" : "24421",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24421"
"name": "MDKSA-2007:048",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:048"
},
{
"name" : "24514",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24514"
"name": "USN-424-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-424-1"
},
{
"name" : "24606",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24606"
"name": "RHSA-2007:0081",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0081.html"
},
{
"name" : "24642",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24642"
"name": "24322",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24322"
},
{
"name" : "24284",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24284"
"name": "24236",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24236"
},
{
"name" : "24419",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24419"
"name": "ADV-2007-0546",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0546"
}
]
}

338
2007/0xxx/CVE-2007-0988.json
View File

@ -1,291 +1,291 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0988",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0988",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an \"a:2147483649:{\" argument."
"lang": "eng",
"value": "The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an \"a:2147483649:{\" argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070227 rPSA-2007-0043-1 php php-mysql php-pgsql",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/461462/100/0/threaded"
"name": "DSA-1264",
"refsource": "DEBIAN",
"url": "http://www.us.debian.org/security/2007/dsa-1264"
},
{
"name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228858",
"refsource" : "MISC",
"url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228858"
"name": "24295",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24295"
},
{
"name" : "http://www.php.net/releases/5_2_1.php",
"refsource" : "MISC",
"url" : "http://www.php.net/releases/5_2_1.php"
"name": "2007-0009",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0009/"
},
{
"name" : "http://www.php-security.org/MOPB/MOPB-05-2007.html",
"refsource" : "MISC",
"url" : "http://www.php-security.org/MOPB/MOPB-05-2007.html"
"name": "OpenPKG-SA-2007.010",
"refsource": "OPENPKG",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1088",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1088"
"name": "24195",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24195"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm"
"name": "ADV-2007-1991",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm"
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name" : "DSA-1264",
"refsource" : "DEBIAN",
"url" : "http://www.us.debian.org/security/2007/dsa-1264"
"name": "1017671",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017671"
},
{
"name" : "GLSA-200703-21",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200703-21.xml"
"name": "http://www.php-security.org/MOPB/MOPB-05-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-05-2007.html"
},
{
"name" : "HPSBMA02215",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506"
"name": "SSRT071423",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506"
},
{
"name" : "SSRT071423",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506"
"name": "http://www.php.net/releases/5_2_1.php",
"refsource": "MISC",
"url": "http://www.php.net/releases/5_2_1.php"
},
{
"name" : "HPSBTU02232",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137"
"name": "24606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24606"
},
{
"name" : "SSRT071429",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137"
"name": "2315",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2315"
},
{
"name" : "MDKSA-2007:048",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:048"
"name": "24642",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24642"
},
{
"name" : "OpenPKG-SA-2007.010",
"refsource" : "OPENPKG",
"url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html"
"name": "php-zendhashinit-dos(32709)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32709"
},
{
"name" : "RHSA-2007:0076",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0076.html"
"name": "24217",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24217"
},
{
"name" : "RHSA-2007:0081",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0081.html"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm"
},
{
"name" : "RHSA-2007:0089",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0089.html"
"name": "24248",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24248"
},
{
"name" : "RHSA-2007:0088",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0088.html"
"name": "HPSBTU02232",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137"
},
{
"name" : "RHSA-2007:0082",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0082.html"
"name": "https://issues.rpath.com/browse/RPL-1088",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1088"
},
{
"name" : "20070201-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
"name": "oval:org.mitre.oval:def:11092",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11092"
},
{
"name" : "SUSE-SA:2007:032",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_32_php.html"
"name": "24284",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24284"
},
{
"name" : "2007-0009",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2007/0009/"
"name": "USN-424-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-424-2"
},
{
"name" : "USN-424-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-424-1"
"name": "32762",
"refsource": "OSVDB",
"url": "http://osvdb.org/32762"
},
{
"name" : "USN-424-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-424-2"
"name": "GLSA-200703-21",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"name" : "oval:org.mitre.oval:def:11092",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11092"
"name": "SSRT071429",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137"
},
{
"name" : "ADV-2007-1991",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1991"
"name": "24432",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24432"
},
{
"name" : "ADV-2007-2374",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2374"
"name": "24421",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24421"
},
{
"name" : "32762",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32762"
"name": "ADV-2007-2374",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"name" : "1017671",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017671"
"name": "25423",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25423"
},
{
"name" : "24195",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24195"
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228858",
"refsource": "MISC",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228858"
},
{
"name" : "24217",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24217"
"name": "RHSA-2007:0076",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0076.html"
},
{
"name" : "24248",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24248"
"name": "24419",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24419"
},
{
"name" : "24236",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24236"
"name": "RHSA-2007:0089",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0089.html"
},
{
"name" : "24295",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24295"
"name": "RHSA-2007:0088",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0088.html"
},
{
"name" : "24322",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24322"
"name": "20070227 rPSA-2007-0043-1 php php-mysql php-pgsql",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/461462/100/0/threaded"
},
{
"name" : "24432",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24432"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm"
},
{
"name" : "24421",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24421"
"name": "HPSBMA02215",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506"
},
{
"name" : "24606",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24606"
"name": "RHSA-2007:0082",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0082.html"
},
{
"name" : "24642",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24642"
"name": "25850",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25850"
},
{
"name" : "25056",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25056"
"name": "20070201-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
},
{
"name" : "25423",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25423"
"name": "MDKSA-2007:048",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:048"
},
{
"name" : "24284",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24284"
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name" : "24419",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24419"
"name": "USN-424-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-424-1"
},
{
"name" : "25850",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25850"
"name": "RHSA-2007:0081",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0081.html"
},
{
"name" : "2315",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2315"
"name": "24322",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24322"
},
{
"name" : "php-zendhashinit-dos(32709)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32709"
"name": "24236",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24236"
}
]
}

110
2007/1xxx/CVE-2007-1036.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1036",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1036",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests."
"lang": "eng",
"value": "The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070220 Jboss vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/460597/100/0/threaded"
"name": "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureJBoss",
"refsource": "MISC",
"url": "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureJBoss"
},
{
"name" : "20070220 Re: Jboss vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/460695/100/0/threaded"
"name": "1017677",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017677"
},
{
"name" : "20070220 Re: Jboss vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/460605/100/0/threaded"
"name": "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureTheJmxConsole",
"refsource": "MISC",
"url": "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureTheJmxConsole"
},
{
"name" : "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureJBoss",
"refsource" : "MISC",
"url" : "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureJBoss"
"name": "jboss-admin-unauth-access(32596)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32596"
},
{
"name" : "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureTheJmxConsole",
"refsource" : "MISC",
"url" : "http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureTheJmxConsole"
"name": "VU#632656",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/632656"
},
{
"name" : "VU#632656",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/632656"
"name": "20070220 Jboss vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460597/100/0/threaded"
},
{
"name" : "33744",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33744"
"name": "33744",
"refsource": "OSVDB",
"url": "http://osvdb.org/33744"
},
{
"name" : "1017677",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017677"
"name": "20070220 Re: Jboss vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460605/100/0/threaded"
},
{
"name" : "jboss-admin-unauth-access(32596)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32596"
"name": "20070220 Re: Jboss vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460695/100/0/threaded"
}
]
}

116
2007/1xxx/CVE-2007-1322.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1322",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1322",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction."
"lang": "eng",
"value": "QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://taviso.decsystem.org/virtsec.pdf",
"refsource" : "MISC",
"url" : "http://taviso.decsystem.org/virtsec.pdf"
"name": "qemu-icebp-dos(34043)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34043"
},
{
"name" : "DSA-1284",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1284"
"name": "23731",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23731"
},
{
"name" : "MDVSA-2008:162",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162"
"name": "DSA-1284",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1284"
},
{
"name" : "23731",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23731"
"name": "25073",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25073"
},
{
"name" : "35496",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35496"
"name": "http://taviso.decsystem.org/virtsec.pdf",
"refsource": "MISC",
"url": "http://taviso.decsystem.org/virtsec.pdf"
},
{
"name" : "ADV-2007-1597",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1597"
"name": "MDVSA-2008:162",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:162"
},
{
"name" : "25073",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25073"
"name": "35496",
"refsource": "OSVDB",
"url": "http://osvdb.org/35496"
},
{
"name" : "25095",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25095"
"name": "ADV-2007-1597",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1597"
},
{
"name" : "29129",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29129"
"name": "29129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29129"
},
{
"name" : "qemu-icebp-dos(34043)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34043"
"name": "25095",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25095"
}
]
}

74
2007/1xxx/CVE-2007-1947.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1947",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1947",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.04 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome by overwriting the toString function via a certain function declaration, related to incorrect identification of anonymous JavaScript functions, a different issue than CVE-2007-1878."
"lang": "eng",
"value": "Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.04 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome by overwriting the toString function via a certain function declaration, related to incorrect identification of anonymous JavaScript functions, a different issue than CVE-2007-1878."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070406 Re: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/464875/100/0/threaded"
"name": "20070406 Re: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464875/100/0/threaded"
},
{
"name" : "http://larholm.com/2007/04/06/more-0day-in-firebug/",
"refsource" : "MISC",
"url" : "http://larholm.com/2007/04/06/more-0day-in-firebug/"
"name": "http://larholm.com/2007/04/06/more-0day-in-firebug/#comment-6",
"refsource": "CONFIRM",
"url": "http://larholm.com/2007/04/06/more-0day-in-firebug/#comment-6"
},
{
"name" : "http://larholm.com/2007/04/06/more-0day-in-firebug/#comment-6",
"refsource" : "CONFIRM",
"url" : "http://larholm.com/2007/04/06/more-0day-in-firebug/#comment-6"
"name": "http://larholm.com/2007/04/06/more-0day-in-firebug/",
"refsource": "MISC",
"url": "http://larholm.com/2007/04/06/more-0day-in-firebug/"
}
]
}

92
2007/3xxx/CVE-2007-3077.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3077",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3077",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in listmembers.php in EQdkp 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the rank parameter."
"lang": "eng",
"value": "SQL injection vulnerability in listmembers.php in EQdkp 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the rank parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4030",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4030"
"name": "36410",
"refsource": "OSVDB",
"url": "http://osvdb.org/36410"
},
{
"name" : "24294",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24294"
"name": "25548",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25548"
},
{
"name" : "ADV-2007-2059",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2059"
"name": "4030",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4030"
},
{
"name" : "36410",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36410"
"name": "eqdkp-listmembers-sql-injection(34699)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34699"
},
{
"name" : "25548",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25548"
"name": "ADV-2007-2059",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2059"
},
{
"name" : "eqdkp-listmembers-sql-injection(34699)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34699"
"name": "24294",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24294"
}
]
}

98
2007/3xxx/CVE-2007-3375.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3375",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3375",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper."
"lang": "eng",
"value": "Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.symantec.com/security_response/writeup.jsp?docid=2007-062506-5500-99&tabid=1",
"refsource" : "MISC",
"url" : "http://www.symantec.com/security_response/writeup.jsp?docid=2007-062506-5500-99&tabid=1"
"name": "http://www.symantec.com/enterprise/security_response/weblog/2007/06/beware_of_lzh.html",
"refsource": "MISC",
"url": "http://www.symantec.com/enterprise/security_response/weblog/2007/06/beware_of_lzh.html"
},
{
"name" : "http://vuln.sg/lhaca121-en.html",
"refsource" : "MISC",
"url" : "http://vuln.sg/lhaca121-en.html"
"name": "VU#871497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/871497"
},
{
"name" : "http://www.symantec.com/enterprise/security_response/weblog/2007/06/beware_of_lzh.html",
"refsource" : "MISC",
"url" : "http://www.symantec.com/enterprise/security_response/weblog/2007/06/beware_of_lzh.html"
"name": "http://www.symantec.com/security_response/writeup.jsp?docid=2007-062506-5500-99&tabid=1",
"refsource": "MISC",
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2007-062506-5500-99&tabid=1"
},
{
"name" : "VU#871497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/871497"
"name": "lhaca-lzh-bo(35116)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35116"
},
{
"name" : "24604",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24604"
"name": "http://vuln.sg/lhaca121-en.html",
"refsource": "MISC",
"url": "http://vuln.sg/lhaca121-en.html"
},
{
"name" : "25826",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25826"
"name": "24604",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24604"
},
{
"name" : "lhaca-lzh-bo(35116)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35116"
"name": "25826",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25826"
}
]
}

134
2007/3xxx/CVE-2007-3902.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3902",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2007-3902",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of \"Uninitialized Memory Corruption Vulnerability.\""
"lang": "eng",
"value": "Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of \"Uninitialized Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20071211 Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=631"
"name": "26506",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26506"
},
{
"name" : "20071211 ZDI-07-073: Microsoft Internet Explorer setExpression Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/484887/100/0/threaded"
"name": "1019078",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019078"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-073.html",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-073.html"
"name": "20071211 Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=631"
},
{
"name" : "HPSBST02299",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
"name": "SSRT071506",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
},
{
"name" : "SSRT071506",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
"name": "28036",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28036"
},
{
"name" : "MS07-069",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069"
"name": "MS07-069",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069"
},
{
"name" : "TA07-345A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-345A.html"
"name": "ADV-2007-4184",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4184"
},
{
"name" : "26506",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26506"
"name": "HPSBST02299",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
},
{
"name" : "ADV-2007-4184",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/4184"
"name": "TA07-345A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-345A.html"
},
{
"name" : "oval:org.mitre.oval:def:4582",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4582"
"name": "20071211 ZDI-07-073: Microsoft Internet Explorer setExpression Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484887/100/0/threaded"
},
{
"name" : "1019078",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1019078"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-073.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-073.html"
},
{
"name" : "28036",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28036"
"name": "oval:org.mitre.oval:def:4582",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4582"
},
{
"name" : "ie-uninit-object-code-execution(38713)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38713"
"name": "ie-uninit-object-code-execution(38713)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38713"
}
]
}

140
2007/4xxx/CVE-2007-4556.json
View File

@ -1,126 +1,126 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4556",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4556",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via form input beginning with a \"%{\" sequence and ending with a \"}\" character."
"lang": "eng",
"value": "Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via form input beginning with a \"%{\" sequence and ending with a \"}\" character."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://forums.opensymphony.com/ann.jspa?annID=54",
"refsource" : "CONFIRM",
"url" : "http://forums.opensymphony.com/ann.jspa?annID=54"
"name": "25524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25524"
},
{
"name" : "http://issues.apache.org/struts/browse/WW-2030",
"refsource" : "CONFIRM",
"url" : "http://issues.apache.org/struts/browse/WW-2030"
"name": "http://jira.opensymphony.com/browse/XW-544",
"refsource": "CONFIRM",
"url": "http://jira.opensymphony.com/browse/XW-544"
},
{
"name" : "http://jira.opensymphony.com/browse/XW-544",
"refsource" : "CONFIRM",
"url" : "http://jira.opensymphony.com/browse/XW-544"
"name": "http://issues.apache.org/struts/browse/WW-2030",
"refsource": "CONFIRM",
"url": "http://issues.apache.org/struts/browse/WW-2030"
},
{
"name" : "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21701",
"refsource" : "CONFIRM",
"url" : "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21701"
"name": "ADV-2007-3041",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3041"
},
{
"name" : "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21706",
"refsource" : "CONFIRM",
"url" : "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21706"
"name": "http://forums.opensymphony.com/ann.jspa?annID=54",
"refsource": "CONFIRM",
"url": "http://forums.opensymphony.com/ann.jspa?annID=54"
},
{
"name" : "http://struts.apache.org/2.x/docs/s2-001.html",
"refsource" : "CONFIRM",
"url" : "http://struts.apache.org/2.x/docs/s2-001.html"
"name": "ADV-2007-3042",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3042"
},
{
"name" : "http://wiki.opensymphony.com/display/WW/1.2.3+Press+Release",
"refsource" : "CONFIRM",
"url" : "http://wiki.opensymphony.com/display/WW/1.2.3+Press+Release"
"name": "26693",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26693"
},
{
"name" : "25524",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25524"
"name": "26681",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26681"
},
{
"name" : "ADV-2007-3041",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3041"
"name": "http://wiki.opensymphony.com/display/WW/1.2.3+Press+Release",
"refsource": "CONFIRM",
"url": "http://wiki.opensymphony.com/display/WW/1.2.3+Press+Release"
},
{
"name" : "ADV-2007-3042",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3042"
"name": "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21706",
"refsource": "CONFIRM",
"url": "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21706"
},
{
"name" : "37072",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37072"
"name": "37072",
"refsource": "OSVDB",
"url": "http://osvdb.org/37072"
},
{
"name" : "26681",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26681"
"name": "http://struts.apache.org/2.x/docs/s2-001.html",
"refsource": "CONFIRM",
"url": "http://struts.apache.org/2.x/docs/s2-001.html"
},
{
"name" : "26693",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26693"
"name": "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21701",
"refsource": "CONFIRM",
"url": "http://jira.opensymphony.com/secure/ReleaseNote.jspa?projectId=10050&styleName=Html&version=21701"
},
{
"name" : "26694",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26694"
"name": "26694",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26694"
}
]
}

224
2007/4xxx/CVE-2007-4670.json
View File

@ -1,196 +1,196 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4670",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4670",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an \"Improved fix for MOPB-03-2007,\" probably a variant of CVE-2007-1285."
"lang": "eng",
"value": "Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an \"Improved fix for MOPB-03-2007,\" probably a variant of CVE-2007-1285."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.php.net/ChangeLog-5.php#5.2.4",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/ChangeLog-5.php#5.2.4"
"name": "26822",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26822"
},
{
"name" : "http://www.php.net/releases/5_2_4.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/releases/5_2_4.php"
"name": "https://launchpad.net/bugs/173043",
"refsource": "CONFIRM",
"url": "https://launchpad.net/bugs/173043"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1702",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1702"
"name": "RHSA-2007:0888",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0888.html"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1693",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1693"
"name": "FEDORA-2007-709",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm"
"name": "26967",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26967"
},
{
"name" : "https://launchpad.net/bugs/173043",
"refsource" : "CONFIRM",
"url" : "https://launchpad.net/bugs/173043"
"name": "27351",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27351"
},
{
"name" : "FEDORA-2007-709",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html"
"name": "GLSA-200710-02",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"name" : "GLSA-200710-02",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
"name": "27864",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27864"
},
{
"name" : "MDKSA-2007:187",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187"
"name": "http://www.php.net/ChangeLog-5.php#5.2.4",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-5.php#5.2.4"
},
{
"name" : "RHSA-2007:0890",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0890.html"
"name": "26930",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26930"
},
{
"name" : "RHSA-2007:0889",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0889.html"
"name": "2007-0026",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"name" : "RHSA-2007:0888",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0888.html"
"name": "RHSA-2007:0889",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0889.html"
},
{
"name" : "RHSA-2007:0891",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0891.html"
"name": "USN-549-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/549-1/"
},
{
"name" : "2007-0026",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2007/0026/"
"name": "https://issues.rpath.com/browse/RPL-1693",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1693"
},
{
"name" : "USN-549-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/549-1/"
"name": "https://issues.rpath.com/browse/RPL-1702",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1702"
},
{
"name" : "USN-549-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-549-2"
"name": "27545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27545"
},
{
"name" : "oval:org.mitre.oval:def:11028",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11028"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm"
},
{
"name" : "26822",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26822"
"name": "26838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26838"
},
{
"name" : "26838",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26838"
"name": "27377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27377"
},
{
"name" : "26930",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26930"
"name": "MDKSA-2007:187",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187"
},
{
"name" : "26871",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26871"
"name": "27102",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27102"
},
{
"name" : "26895",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26895"
"name": "http://www.php.net/releases/5_2_4.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/releases/5_2_4.php"
},
{
"name" : "26967",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26967"
"name": "26895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26895"
},
{
"name" : "27351",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27351"
"name": "USN-549-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-549-2"
},
{
"name" : "27377",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27377"
"name": "RHSA-2007:0890",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0890.html"
},
{
"name" : "27545",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27545"
"name": "RHSA-2007:0891",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0891.html"
},
{
"name" : "27102",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27102"
"name": "26871",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26871"
},
{
"name" : "27864",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27864"
"name": "oval:org.mitre.oval:def:11028",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11028"
}
]
}

92
2007/4xxx/CVE-2007-4713.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4713",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4713",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in urchin.cgi in Urchin 5.6.00r2 allow remote attackers to inject arbitrary web script or HTML via the (1) dtc, (2) vid, (3) n, (4) dt, (5) ed, and (6) bd parameters."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in urchin.cgi in Urchin 5.6.00r2 allow remote attackers to inject arbitrary web script or HTML via the (1) dtc, (2) vid, (3) n, (4) dt, (5) ed, and (6) bd parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://pridels-team.blogspot.com/2007/09/urchin-5x-multiple-xss-vuln.html",
"refsource" : "MISC",
"url" : "http://pridels-team.blogspot.com/2007/09/urchin-5x-multiple-xss-vuln.html"
"name": "urchin-urchin-xss(36401)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36401"
},
{
"name" : "25530",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25530"
"name": "ADV-2007-3085",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3085"
},
{
"name" : "ADV-2007-3085",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3085"
"name": "http://pridels-team.blogspot.com/2007/09/urchin-5x-multiple-xss-vuln.html",
"refsource": "MISC",
"url": "http://pridels-team.blogspot.com/2007/09/urchin-5x-multiple-xss-vuln.html"
},
{
"name" : "36807",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36807"
"name": "36807",
"refsource": "OSVDB",
"url": "http://osvdb.org/36807"
},
{
"name" : "26682",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26682"
"name": "26682",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26682"
},
{
"name" : "urchin-urchin-xss(36401)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36401"
"name": "25530",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25530"
}
]
}

22
2007/4xxx/CVE-2007-4765.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4765",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4765",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2007/4xxx/CVE-2007-4845.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4845",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4845",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in UPLOAD/index.php in RW::Download 2.0.3 lite allow remote attackers to execute arbitrary SQL commands via the (1) dlid or (2) cid parameter."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in UPLOAD/index.php in RW::Download 2.0.3 lite allow remote attackers to execute arbitrary SQL commands via the (1) dlid or (2) cid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4371",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4371"
"name": "25589",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25589"
},
{
"name" : "25589",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25589"
"name": "4371",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4371"
},
{
"name" : "37077",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37077"
"name": "37077",
"refsource": "OSVDB",
"url": "http://osvdb.org/37077"
}
]
}

182
2007/4xxx/CVE-2007-4993.json
View File

@ -1,161 +1,161 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4993",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-4993",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements."
"lang": "eng",
"value": "pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20071008 rPSA-2007-0210-1 xen",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/481825/100/0/threaded"
"name": "MDKSA-2007:203",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:203"
},
{
"name" : "http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1068",
"refsource" : "CONFIRM",
"url" : "http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1068"
"name": "https://issues.rpath.com/browse/RPL-1752",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1752"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1752",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1752"
"name": "FEDORA-2007-2270",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00030.html"
},
{
"name" : "DSA-1384",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1384"
"name": "27047",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27047"
},
{
"name" : "FEDORA-2007-2270",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00030.html"
"name": "26986",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26986"
},
{
"name" : "FEDORA-2007-713",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.html"
"name": "27486",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27486"
},
{
"name" : "FEDORA-2007-2708",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00004.html"
"name": "27085",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27085"
},
{
"name" : "MDKSA-2007:203",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:203"
"name": "http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1068",
"refsource": "CONFIRM",
"url": "http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1068"
},
{
"name" : "RHSA-2007:0323",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0323.html"
"name": "27141",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27141"
},
{
"name" : "USN-527-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-527-1"
"name": "FEDORA-2007-2708",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00004.html"
},
{
"name" : "25825",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25825"
"name": "27103",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27103"
},
{
"name" : "oval:org.mitre.oval:def:11240",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11240"
"name": "20071008 rPSA-2007-0210-1 xen",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481825/100/0/threaded"
},
{
"name" : "ADV-2007-3348",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3348"
"name": "RHSA-2007:0323",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0323.html"
},
{
"name" : "26986",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26986"
"name": "27161",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27161"
},
{
"name" : "27085",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27085"
"name": "25825",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25825"
},
{
"name" : "27161",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27161"
"name": "27072",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27072"
},
{
"name" : "27072",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27072"
"name": "oval:org.mitre.oval:def:11240",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11240"
},
{
"name" : "27103",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27103"
"name": "FEDORA-2007-713",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.html"
},
{
"name" : "27486",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27486"
"name": "USN-527-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-527-1"
},
{
"name" : "27141",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27141"
"name": "DSA-1384",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1384"
},
{
"name" : "27047",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27047"
"name": "ADV-2007-3348",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3348"
}
]
}

80
2014/100xxx/CVE-2014-100025.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-100025",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-100025",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in index.php/user_data/insert_user in Savsoft Quiz allows remote attackers to hijack the authentication of administrators for requests that create an administrator account via a crafted request."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in index.php/user_data/insert_user in Savsoft Quiz allows remote attackers to hijack the authentication of administrators for requests that create an administrator account via a crafted request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.com/files/125379",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/125379"
"name": "66287",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66287"
},
{
"name" : "66287",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/66287"
"name": "http://packetstormsecurity.com/files/125379",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/125379"
},
{
"name" : "57102",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/57102"
"name": "57102",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57102"
},
{
"name" : "savsoft-quiz-csrf(91548)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91548"
"name": "savsoft-quiz-csrf(91548)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91548"
}
]
}

22
2015/2xxx/CVE-2015-2073.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2073",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2073",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2015/2xxx/CVE-2015-2122.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2122",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2015-2122",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The REST layer on HP SDN VAN Controller devices 2.5 and earlier allows remote attackers to cause a denial of service via network traffic to the REST port."
"lang": "eng",
"value": "The REST layer on HP SDN VAN Controller devices 2.5 and earlier allows remote attackers to cause a denial of service via network traffic to the REST port."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "HPSBGN03329",
"refsource" : "HP",
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04657823"
"name": "74588",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74588"
},
{
"name" : "SSRT102049",
"refsource" : "HP",
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04657823"
"name": "SSRT102049",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04657823"
},
{
"name" : "74588",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74588"
"name": "HPSBGN03329",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04657823"
}
]
}

74
2015/2xxx/CVE-2015-2370.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2370",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-2370",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/RPC connection reflection, which allows local users to gain privileges via a crafted application, aka \"Windows RPC Elevation of Privilege Vulnerability.\""
"lang": "eng",
"value": "The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/RPC connection reflection, which allows local users to gain privileges via a crafted application, aka \"Windows RPC Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "37768",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/37768/"
"name": "1032907",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032907"
},
{
"name" : "MS15-076",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-076"
"name": "37768",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37768/"
},
{
"name" : "1032907",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032907"
"name": "MS15-076",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-076"
}
]
}

22
2015/3xxx/CVE-2015-3025.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3025",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3025",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2015/3xxx/CVE-2015-3921.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3921",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3921",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html"
"name": "http://packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html"
},
{
"name" : "http://forum.coppermine-gallery.net/index.php/topic,78194.0.html",
"refsource" : "CONFIRM",
"url" : "http://forum.coppermine-gallery.net/index.php/topic,78194.0.html"
"name": "1032558",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032558"
},
{
"name" : "74872",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74872"
"name": "74872",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74872"
},
{
"name" : "1032558",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032558"
"name": "http://forum.coppermine-gallery.net/index.php/topic,78194.0.html",
"refsource": "CONFIRM",
"url": "http://forum.coppermine-gallery.net/index.php/topic,78194.0.html"
}
]
}

22
2015/6xxx/CVE-2015-6067.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6067",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-6067",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}

74
2015/6xxx/CVE-2015-6519.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6519",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6519",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Arab Portal 3 allows remote attackers to execute arbitrary SQL commands via the showemail parameter in a signup action to members.php."
"lang": "eng",
"value": "SQL injection vulnerability in Arab Portal 3 allows remote attackers to execute arbitrary SQL commands via the showemail parameter in a signup action to members.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "37594",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/37594/"
"name": "37594",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37594/"
},
{
"name" : "http://packetstormsecurity.com/files/132648/Arab-Portal-3-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/132648/Arab-Portal-3-SQL-Injection.html"
"name": "http://packetstormsecurity.com/files/132648/Arab-Portal-3-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132648/Arab-Portal-3-SQL-Injection.html"
},
{
"name" : "https://youtu.be/5nFblYE90Vk",
"refsource" : "MISC",
"url" : "https://youtu.be/5nFblYE90Vk"
"name": "https://youtu.be/5nFblYE90Vk",
"refsource": "MISC",
"url": "https://youtu.be/5nFblYE90Vk"
}
]
}

74
2015/6xxx/CVE-2015-6527.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6527",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6527",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The php_str_replace_in_subject function in ext/standard/string.c in PHP 7.x before 7.0.0 allows remote attackers to execute arbitrary code via a crafted value in the third argument to the str_ireplace function."
"lang": "eng",
"value": "The php_str_replace_in_subject function in ext/standard/string.c in PHP 7.x before 7.0.0 allows remote attackers to execute arbitrary code via a crafted value in the third argument to the str_ireplace function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150730 Re: CVE Request: PHP v7 - Code execution vulnerability",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/07/30/11"
"name": "http://git.php.net/?p=php-src.git;a=commit;h=6aeee47b2cd47915ccfa3b41433a3f57aea24dd5",
"refsource": "CONFIRM",
"url": "http://git.php.net/?p=php-src.git;a=commit;h=6aeee47b2cd47915ccfa3b41433a3f57aea24dd5"
},
{
"name" : "http://git.php.net/?p=php-src.git;a=commit;h=6aeee47b2cd47915ccfa3b41433a3f57aea24dd5",
"refsource" : "CONFIRM",
"url" : "http://git.php.net/?p=php-src.git;a=commit;h=6aeee47b2cd47915ccfa3b41433a3f57aea24dd5"
"name": "[oss-security] 20150730 Re: CVE Request: PHP v7 - Code execution vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/07/30/11"
},
{
"name" : "https://bugs.php.net/bug.php?id=70140",
"refsource" : "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=70140"
"name": "https://bugs.php.net/bug.php?id=70140",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=70140"
}
]
}

74
2015/6xxx/CVE-2015-6720.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6720",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-6720",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ANRunSharedReviewEmailStep method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623."
"lang": "eng",
"value": "The ANRunSharedReviewEmailStep method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-506",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-506"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-506",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-506"
},
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
"name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"name" : "1033796",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033796"
"name": "1033796",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033796"
}
]
}

80
2015/6xxx/CVE-2015-6941.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6941",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6941",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "win_useradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs."
"lang": "eng",
"value": "win_useradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before 2015.8.1 leak password information in debug logs."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1273066",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1273066"
"name": "https://docs.saltstack.com/en/latest/topics/releases/2015.5.6.html",
"refsource": "CONFIRM",
"url": "https://docs.saltstack.com/en/latest/topics/releases/2015.5.6.html"
},
{
"name" : "https://docs.saltstack.com/en/latest/topics/releases/2015.5.6.html",
"refsource" : "CONFIRM",
"url" : "https://docs.saltstack.com/en/latest/topics/releases/2015.5.6.html"
"name": "https://docs.saltstack.com/en/latest/topics/releases/2015.8.1.html",
"refsource": "CONFIRM",
"url": "https://docs.saltstack.com/en/latest/topics/releases/2015.8.1.html"
},
{
"name" : "https://docs.saltstack.com/en/latest/topics/releases/2015.8.1.html",
"refsource" : "CONFIRM",
"url" : "https://docs.saltstack.com/en/latest/topics/releases/2015.8.1.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1273066",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273066"
},
{
"name" : "https://github.com/twangboy/salt/commit/c0689e32154c41f59840ae10ffc5fbfa30618710",
"refsource" : "CONFIRM",
"url" : "https://github.com/twangboy/salt/commit/c0689e32154c41f59840ae10ffc5fbfa30618710"
"name": "https://github.com/twangboy/salt/commit/c0689e32154c41f59840ae10ffc5fbfa30618710",
"refsource": "CONFIRM",
"url": "https://github.com/twangboy/salt/commit/c0689e32154c41f59840ae10ffc5fbfa30618710"
}
]
}

80
2015/7xxx/CVE-2015-7036.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7036",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2015-7036",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument."
"lang": "eng",
"value": "The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a SQL command that triggers an API call with a crafted pointer value in the second argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://zerodayinitiative.com/advisories/ZDI-15-570/",
"refsource" : "MISC",
"url" : "http://zerodayinitiative.com/advisories/ZDI-15-570/"
"name": "http://support.apple.com/kb/HT204941",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT204941"
},
{
"name" : "http://support.apple.com/kb/HT204941",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT204941"
"name": "http://zerodayinitiative.com/advisories/ZDI-15-570/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-15-570/"
},
{
"name" : "http://support.apple.com/kb/HT204942",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT204942"
"name": "http://support.apple.com/kb/HT204942",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT204942"
},
{
"name" : "GLSA-201612-21",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201612-21"
"name": "GLSA-201612-21",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-21"
}
]
}

80
2015/7xxx/CVE-2015-7861.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7861",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7861",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to execute arbitrary code by sending unspecified commands in an environment that lacks relationship-based firewalling."
"lang": "eng",
"value": "Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to execute arbitrary code by sending unspecified commands in an environment that lacks relationship-based firewalling."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://zerodayinitiative.com/advisories/ZDI-15-364/",
"refsource" : "MISC",
"url" : "http://zerodayinitiative.com/advisories/ZDI-15-364/"
"name": "VU#966927",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/966927"
},
{
"name" : "VU#966927",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/966927"
"name": "http://zerodayinitiative.com/advisories/ZDI-15-364/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-15-364/"
},
{
"name" : "75966",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75966"
"name": "75966",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75966"
},
{
"name" : "1033861",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033861"
"name": "1033861",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033861"
}
]
}

68
2016/0xxx/CVE-2016-0225.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-0225",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0225",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.9 allows remote authenticated Commerce Accelerator administrators to obtain sensitive information via unspecified vectors."
"lang": "eng",
"value": "IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.9 allows remote authenticated Commerce Accelerator administrators to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21976623",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21976623"
"name": "JR54585",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR54585"
},
{
"name" : "JR54585",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1JR54585"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21976623",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976623"
}
]
}

22
2016/0xxx/CVE-2016-0251.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0251",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-0251",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2016/1000xxx/CVE-2016-1000192.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1000192",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1000192",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2016/10xxx/CVE-2016-10007.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10007",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10007",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the \"Marketing > Forms\" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_FORM_HANDLER_orderBy parameter."
"lang": "eng",
"value": "SQL injection vulnerability in the \"Marketing > Forms\" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_FORM_HANDLER_orderBy parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://security.elarlang.eu/cve-2016-10007-and-cve-2016-10008-2-sql-injection-vulnerabilities-in-dotcms-blacklist-defence-bypass.html",
"refsource" : "MISC",
"url" : "https://security.elarlang.eu/cve-2016-10007-and-cve-2016-10008-2-sql-injection-vulnerabilities-in-dotcms-blacklist-defence-bypass.html"
"name": "https://security.elarlang.eu/cve-2016-10007-and-cve-2016-10008-2-sql-injection-vulnerabilities-in-dotcms-blacklist-defence-bypass.html",
"refsource": "MISC",
"url": "https://security.elarlang.eu/cve-2016-10007-and-cve-2016-10008-2-sql-injection-vulnerabilities-in-dotcms-blacklist-defence-bypass.html"
}
]
}

74
2016/10xxx/CVE-2016-10325.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10325",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10325",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS."
"lang": "eng",
"value": "In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://savannah.gnu.org/support/index.php?109131",
"refsource" : "CONFIRM",
"url" : "https://savannah.gnu.org/support/index.php?109131"
"name": "DSA-3879",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3879"
},
{
"name" : "DSA-3879",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3879"
"name": "92921",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92921"
},
{
"name" : "92921",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92921"
"name": "https://savannah.gnu.org/support/index.php?109131",
"refsource": "CONFIRM",
"url": "https://savannah.gnu.org/support/index.php?109131"
}
]
}

92
2016/1xxx/CVE-2016-1149.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1149",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-1149",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, and CVE-2016-1150."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, and CVE-2016-1150."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://cs.cybozu.co.jp/2015/006072.html",
"refsource" : "CONFIRM",
"url" : "https://cs.cybozu.co.jp/2015/006072.html"
"name": "JVNDB-2016-000026",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000026"
},
{
"name" : "https://cs.cybozu.co.jp/2015/006087.html",
"refsource" : "CONFIRM",
"url" : "https://cs.cybozu.co.jp/2015/006087.html"
"name": "https://cs.cybozu.co.jp/2015/006072.html",
"refsource": "CONFIRM",
"url": "https://cs.cybozu.co.jp/2015/006072.html"
},
{
"name" : "https://cs.cybozu.co.jp/2016/006107.html",
"refsource" : "CONFIRM",
"url" : "https://cs.cybozu.co.jp/2016/006107.html"
"name": "https://cs.cybozu.co.jp/2015/006087.html",
"refsource": "CONFIRM",
"url": "https://cs.cybozu.co.jp/2015/006087.html"
},
{
"name" : "https://cs.cybozu.co.jp/2016/006109.html",
"refsource" : "CONFIRM",
"url" : "https://cs.cybozu.co.jp/2016/006109.html"
"name": "https://cs.cybozu.co.jp/2016/006107.html",
"refsource": "CONFIRM",
"url": "https://cs.cybozu.co.jp/2016/006107.html"
},
{
"name" : "JVN#69278491",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN69278491/index.html"
"name": "JVN#69278491",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN69278491/index.html"
},
{
"name" : "JVNDB-2016-000026",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000026"
"name": "https://cs.cybozu.co.jp/2016/006109.html",
"refsource": "CONFIRM",
"url": "https://cs.cybozu.co.jp/2016/006109.html"
}
]
}

74
2016/1xxx/CVE-2016-1196.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1196",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-1196",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive Address Book information via an API call, a different vulnerability than CVE-2015-7776."
"lang": "eng",
"value": "Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive Address Book information via an API call, a different vulnerability than CVE-2015-7776."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.cybozu.com/ja-jp/article/8970",
"refsource" : "CONFIRM",
"url" : "https://support.cybozu.com/ja-jp/article/8970"
"name": "JVN#33879831",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN33879831/index.html"
},
{
"name" : "JVN#33879831",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN33879831/index.html"
"name": "https://support.cybozu.com/ja-jp/article/8970",
"refsource": "CONFIRM",
"url": "https://support.cybozu.com/ja-jp/article/8970"
},
{
"name" : "JVNDB-2016-000082",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000082"
"name": "JVNDB-2016-000082",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000082"
}
]
}

62
2016/1xxx/CVE-2016-1322.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1322",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1322",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584."
"lang": "eng",
"value": "The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20160210 Cisco Spark Representational State Transfer Interface Unauthorized Access Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp1"
"name": "20160210 Cisco Spark Representational State Transfer Interface Unauthorized Access Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp1"
}
]
}

68
2016/1xxx/CVE-2016-1439.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1439",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1439",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Contact Center Enterprise through 10.5(2) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux59650."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Contact Center Enterprise through 10.5(2) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux59650."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20160622 Cisco Unified Contact Center Enterprise Web-Based Management Interface Cross-Site Scripting Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-ucce"
"name": "20160622 Cisco Unified Contact Center Enterprise Web-Based Management Interface Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-ucce"
},
{
"name" : "1036155",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036155"
"name": "1036155",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036155"
}
]
}

80
2016/1xxx/CVE-2016-1464.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1464",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1464",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to execute arbitrary code via a crafted file, aka Bug ID CSCva09375."
"lang": "eng",
"value": "Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to execute arbitrary code via a crafted file, aka Bug ID CSCva09375."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "40508",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/40508/"
"name": "20160831 Cisco WebEx Meetings Player Arbitrary Code Execution Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-meetings-player"
},
{
"name" : "20160831 Cisco WebEx Meetings Player Arbitrary Code Execution Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-meetings-player"
"name": "1036712",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036712"
},
{
"name" : "92708",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92708"
"name": "92708",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92708"
},
{
"name" : "1036712",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036712"
"name": "40508",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40508/"
}
]
}

86
2016/1xxx/CVE-2016-1804.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1804",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-1804",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Multi-Touch subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
"lang": "eng",
"value": "The Multi-Touch subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-358",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-358"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-358",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-358"
},
{
"name" : "https://support.apple.com/HT206567",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206567"
"name": "https://support.apple.com/HT206567",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206567"
},
{
"name" : "APPLE-SA-2016-05-16-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
"name": "APPLE-SA-2016-05-16-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
},
{
"name" : "90696",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/90696"
"name": "90696",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90696"
},
{
"name" : "1035895",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035895"
"name": "1035895",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035895"
}
]
}

22
2016/4xxx/CVE-2016-4044.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4044",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4044",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2016/4xxx/CVE-2016-4440.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4440",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-4440",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode."
"lang": "eng",
"value": "arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160520 CVE-2016-4440 Kernel: kvm: vmx: incorrect state update leading to MSR access",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/05/20/2"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1337806",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1337806"
},
{
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ce424e45411cf5a13105e0386b6ecf6eeb4f66f",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ce424e45411cf5a13105e0386b6ecf6eeb4f66f"
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ce424e45411cf5a13105e0386b6ecf6eeb4f66f",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3ce424e45411cf5a13105e0386b6ecf6eeb4f66f"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1337806",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1337806"
"name": "[oss-security] 20160520 CVE-2016-4440 Kernel: kvm: vmx: incorrect state update leading to MSR access",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/20/2"
},
{
"name" : "https://github.com/torvalds/linux/commit/3ce424e45411cf5a13105e0386b6ecf6eeb4f66f",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/3ce424e45411cf5a13105e0386b6ecf6eeb4f66f"
"name": "https://github.com/torvalds/linux/commit/3ce424e45411cf5a13105e0386b6ecf6eeb4f66f",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/3ce424e45411cf5a13105e0386b6ecf6eeb4f66f"
}
]
}

80
2016/4xxx/CVE-2016-4873.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4873",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4873",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to execute unintended operations via the Project function."
"lang": "eng",
"value": "Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to execute unintended operations via the Project function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.cybozu.com/ja-jp/article/9442",
"refsource" : "CONFIRM",
"url" : "https://support.cybozu.com/ja-jp/article/9442"
"name": "https://support.cybozu.com/ja-jp/article/9442",
"refsource": "CONFIRM",
"url": "https://support.cybozu.com/ja-jp/article/9442"
},
{
"name" : "JVN#07148816",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN07148816/index.html"
"name": "93461",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93461"
},
{
"name" : "JVNDB-2016-000189",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000189.html"
"name": "JVN#07148816",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN07148816/index.html"
},
{
"name" : "93461",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93461"
"name": "JVNDB-2016-000189",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000189.html"
}
]
}

22
2019/3xxx/CVE-2019-3199.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3199",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3199",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3214.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3214",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3214",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3543.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3543",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3543",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3965.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3965",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3965",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4608.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4608",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4608",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4667.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4667",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4667",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4751.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4751",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4751",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4952.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4952",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4952",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

70
2019/6xxx/CVE-2019-6557.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2019-03-05T00:00:00",
"ID" : "CVE-2019-6557",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2019-03-05T00:00:00",
"ID": "CVE-2019-6557",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Moxa IKS, EDS",
"version" : {
"version_data" : [
"product_name": "Moxa IKS, EDS",
"version": {
"version_data": [
{
"version_value" : "IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior"
"version_value": "IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior"
}
]
}
}
]
},
"vendor_name" : "ICS-CERT"
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code execution."
"lang": "eng",
"value": "Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Buffer overflow CWE-120"
"lang": "eng",
"value": "Buffer overflow CWE-120"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01"
},
{
"name" : "107178",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107178"
"name": "107178",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107178"
}
]
}

22
2019/6xxx/CVE-2019-6863.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6863",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6863",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7157.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7157",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7157",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7609.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7609",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7609",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7797.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7797",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7797",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7864.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7864",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7864",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8285.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8285",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8285",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8338.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8338",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8338",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8454.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8454",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8454",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8829.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8829",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8829",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8888.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8888",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8888",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

86
2019/9xxx/CVE-2019-9194.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9194",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9194",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "elFinder before 2.1.48 has a command injection vulnerability in the PHP connector."
"lang": "eng",
"value": "elFinder before 2.1.48 has a command injection vulnerability in the PHP connector."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "46481",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/46481/"
"name": "https://github.com/Studio-42/elFinder/compare/6884c4f...0740028",
"refsource": "CONFIRM",
"url": "https://github.com/Studio-42/elFinder/compare/6884c4f...0740028"
},
{
"name" : "46539",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/46539/"
"name": "https://github.com/Studio-42/elFinder/releases/tag/2.1.48",
"refsource": "CONFIRM",
"url": "https://github.com/Studio-42/elFinder/releases/tag/2.1.48"
},
{
"name" : "https://github.com/Studio-42/elFinder/blob/master/README.md",
"refsource" : "CONFIRM",
"url" : "https://github.com/Studio-42/elFinder/blob/master/README.md"
"name": "46539",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46539/"
},
{
"name" : "https://github.com/Studio-42/elFinder/compare/6884c4f...0740028",
"refsource" : "CONFIRM",
"url" : "https://github.com/Studio-42/elFinder/compare/6884c4f...0740028"
"name": "46481",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46481/"
},
{
"name" : "https://github.com/Studio-42/elFinder/releases/tag/2.1.48",
"refsource" : "CONFIRM",
"url" : "https://github.com/Studio-42/elFinder/releases/tag/2.1.48"
"name": "https://github.com/Studio-42/elFinder/blob/master/README.md",
"refsource": "CONFIRM",
"url": "https://github.com/Studio-42/elFinder/blob/master/README.md"
}
]
}

62
2019/9xxx/CVE-2019-9572.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9572",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9572",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SchoolCMS version 2.3.1 allows file upload via the theme upload feature at admin.php?m=admin&c=theme&a=upload by using the .zip extension along with the _Static substring, changing the Content-Type to application/zip, and placing PHP code after the ZIP header. This ultimately allows execution of arbitrary PHP code in Public\\Home\\1_Static.php because of mishandling in the Application\\Admin\\Controller\\ThemeController.class.php Upload() function."
"lang": "eng",
"value": "SchoolCMS version 2.3.1 allows file upload via the theme upload feature at admin.php?m=admin&c=theme&a=upload by using the .zip extension along with the _Static substring, changing the Content-Type to application/zip, and placing PHP code after the ZIP header. This ultimately allows execution of arbitrary PHP code in Public\\Home\\1_Static.php because of mishandling in the Application\\Admin\\Controller\\ThemeController.class.php Upload() function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/PearlyNautilus/Security-Code-Review/issues/3",
"refsource" : "MISC",
"url" : "https://github.com/PearlyNautilus/Security-Code-Review/issues/3"
"name": "https://github.com/PearlyNautilus/Security-Code-Review/issues/3",
"refsource": "MISC",
"url": "https://github.com/PearlyNautilus/Security-Code-Review/issues/3"
}
]
}

74
2019/9xxx/CVE-2019-9581.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9581",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9581",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension."
"lang": "eng",
"value": "phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "46486",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/46486"
"name": "https://sourceforge.net/p/phpscheduleit/source/ci/c5a86a279d888bd4362e4b4f61acedc054f99c39/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/phpscheduleit/source/ci/c5a86a279d888bd4362e4b4f61acedc054f99c39/"
},
{
"name" : "https://pentest.com.tr/exploits/Booked-2-7-5-Remote-Command-Execution-Metasploit.html",
"refsource" : "MISC",
"url" : "https://pentest.com.tr/exploits/Booked-2-7-5-Remote-Command-Execution-Metasploit.html"
"name": "46486",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46486"
},
{
"name" : "https://sourceforge.net/p/phpscheduleit/source/ci/c5a86a279d888bd4362e4b4f61acedc054f99c39/",
"refsource" : "MISC",
"url" : "https://sourceforge.net/p/phpscheduleit/source/ci/c5a86a279d888bd4362e4b4f61acedc054f99c39/"
"name": "https://pentest.com.tr/exploits/Booked-2-7-5-Remote-Command-Execution-Metasploit.html",
"refsource": "MISC",
"url": "https://pentest.com.tr/exploits/Booked-2-7-5-Remote-Command-Execution-Metasploit.html"
}
]
}