admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:49:08 +00:00
parent bd9c6eb038
commit f57e8a8085
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
59 changed files with 3796 additions and 3796 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
1999/0xxx/CVE-1999-0248.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0248", "ID": "CVE-1999-0248",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://oliver.efri.hr/~crv/security/bugs/mUNIXes/ssh2.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://oliver.efri.hr/~crv/security/bugs/mUNIXes/ssh2.html" "lang": "eng",
}, "value": "A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials."
{ }
"name" : "http://www.uni-karlsruhe.de/~ig25/ssh-faq/ssh-faq-6.html#ss6.1", ]
"refsource" : "CONFIRM", },
"url" : "http://www.uni-karlsruhe.de/~ig25/ssh-faq/ssh-faq-6.html#ss6.1" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://oliver.efri.hr/~crv/security/bugs/mUNIXes/ssh2.html",
"refsource": "MISC",
"url": "http://oliver.efri.hr/~crv/security/bugs/mUNIXes/ssh2.html"
},
{
"name": "http://www.uni-karlsruhe.de/~ig25/ssh-faq/ssh-faq-6.html#ss6.1",
"refsource": "CONFIRM",
"url": "http://www.uni-karlsruhe.de/~ig25/ssh-faq/ssh-faq-6.html#ss6.1"
}
]
}
}

120
1999/0xxx/CVE-1999-0487.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0487", "ID": "CVE-1999-0487",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS99-011", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-011" "lang": "eng",
} "value": "The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS99-011",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-011"
}
]
}
}

130
1999/1xxx/CVE-1999-1213.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1213", "ID": "CVE-1999-1213",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBUX9710-070", "description_data": [
"refsource" : "HP", {
"url" : "http://www2.dataguard.no/bugtraq/1997_4/0001.html" "lang": "eng",
}, "value": "Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service."
{ }
"name" : "hp-telnetdos(571)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/571" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hp-telnetdos(571)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/571"
},
{
"name": "HPSBUX9710-070",
"refsource": "HP",
"url": "http://www2.dataguard.no/bugtraq/1997_4/0001.html"
}
]
}
}

140
1999/1xxx/CVE-1999-1437.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1437", "ID": "CVE-1999-1437",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19980707 ePerl: bad handling of ISINDEX queries", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=90221104525890&w=2" "lang": "eng",
}, "value": "ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml."
{ }
"name" : "19980710 ePerl Security Update Available", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=90221104525927&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "151", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/151" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "19980707 ePerl: bad handling of ISINDEX queries",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=90221104525890&w=2"
},
{
"name": "151",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/151"
},
{
"name": "19980710 ePerl Security Update Available",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=90221104525927&w=2"
}
]
}
}

130
1999/1xxx/CVE-1999-1549.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1549", "ID": "CVE-1999-1549",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a \"secure\" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19991116 lynx 2.8.x - 'special URLs' anti-spoofing protection is weak", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=94286509804526&w=2" "lang": "eng",
}, "value": "Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a \"secure\" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands."
{ }
"name" : "804", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/804" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "804",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/804"
},
{
"name": "19991116 lynx 2.8.x - 'special URLs' anti-spoofing protection is weak",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=94286509804526&w=2"
}
]
}
}

130
2000/0xxx/CVE-2000-0291.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0291", "ID": "CVE-2000-0291",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000416 StarOffice 5.1", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-04/0077.html" "lang": "eng",
}, "value": "Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document."
{ }
"name" : "1112", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1112" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000416 StarOffice 5.1",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0077.html"
},
{
"name": "1112",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1112"
}
]
}
}

130
2000/0xxx/CVE-2000-0426.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0426", "ID": "CVE-2000-0426",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000505 Re: Fun with UltraBoard V1.6X", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-05/0059.html" "lang": "eng",
}, "value": "UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself."
{ }
"name" : "1175", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1175" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000505 Re: Fun with UltraBoard V1.6X",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0059.html"
},
{
"name": "1175",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1175"
}
]
}
}

150
2000/0xxx/CVE-2000-0619.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0619", "ID": "CVE-2000-0619",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Top Layer AppSwitch 2500 allows remote attackers to cause a denial of service via malformed ICMP packets."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000520 TopLayer layer 7 switch Advisory", "description_data": [
"refsource" : "VULN-DEV", {
"url" : "http://archives.neohapsis.com/archives/vuln-dev/2000-q2/0680.html" "lang": "eng",
}, "value": "Top Layer AppSwitch 2500 allows remote attackers to cause a denial of service via malformed ICMP packets."
{ }
"name" : "20000614 Update on TopLayer Advisory", ]
"refsource" : "VULN-DEV", },
"url" : "http://archives.neohapsis.com/archives/vuln-dev/2000-q2/0921.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1258", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1258" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "toplayer-icmp-dos(7364)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7364" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1258",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1258"
},
{
"name": "20000614 Update on TopLayer Advisory",
"refsource": "VULN-DEV",
"url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q2/0921.html"
},
{
"name": "toplayer-icmp-dos(7364)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7364"
},
{
"name": "20000520 TopLayer layer 7 switch Advisory",
"refsource": "VULN-DEV",
"url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q2/0680.html"
}
]
}
}

130
2000/0xxx/CVE-2000-0687.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0687", "ID": "CVE-2000-0687",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the catdir parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000823 Auction WeaverT LITE 1.0", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0310.html" "lang": "eng",
}, "value": "Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the catdir parameter."
{ }
"name" : "1630", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1630" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1630",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1630"
},
{
"name": "20000823 Auction WeaverT LITE 1.0",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0310.html"
}
]
}
}

140
2000/0xxx/CVE-2000-0732.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0732", "ID": "CVE-2000-0732",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Worm HTTP server allows remote attackers to cause a denial of service via a long URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000825 DST2K0023: Directory Traversal Possible & Denial of Service in Wo rm HTTP Server", "description_data": [
"refsource" : "NTBUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0111.html" "lang": "eng",
}, "value": "Worm HTTP server allows remote attackers to cause a denial of service via a long URL."
{ }
"name" : "1626", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1626" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "wormhttp-filename-dos(5149)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5149" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1626",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1626"
},
{
"name": "wormhttp-filename-dos(5149)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5149"
},
{
"name": "20000825 DST2K0023: Directory Traversal Possible & Denial of Service in Wo rm HTTP Server",
"refsource": "NTBUGTRAQ",
"url": "http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0111.html"
}
]
}
}

200
2000/0xxx/CVE-2000-0864.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0864", "ID": "CVE-2000-0864",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in the creation of a Unix domain socket in GNOME esound 0.2.19 and earlier allows a local user to change the permissions of arbitrary files and directories, and gain additional privileges, via a symlink attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "FreeBSD-SA-00:45", "description_data": [
"refsource" : "FREEBSD", {
"url" : "http://archives.neohapsis.com/archives/freebsd/2000-08/0365.html" "lang": "eng",
}, "value": "Race condition in the creation of a Unix domain socket in GNOME esound 0.2.19 and earlier allows a local user to change the permissions of arbitrary files and directories, and gain additional privileges, via a symlink attack."
{ }
"name" : "20000911 Patch for esound-0.2.19", ]
"refsource" : "BUGTRAQ", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-09/0095.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MDKSA-2000:051", "description": [
"refsource" : "MANDRAKE", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-09/0328.htm" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2000:077", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2000-077.html" ]
}, },
{ "references": {
"name" : "20001008 esound: race condition", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2000/20001008" "name": "1659",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/1659"
"name" : "20001006 Immunix OS Security Update for esound", },
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0118.html" "name": "gnome-esound-symlink(5213)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5213"
"name" : "20001012 esound daemon race condition", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/esound_daemon_race_condition.html" "name": "MDKSA-2000:051",
}, "refsource": "MANDRAKE",
{ "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0328.htm"
"name" : "1659", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1659" "name": "20001008 esound: race condition",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2000/20001008"
"name" : "gnome-esound-symlink(5213)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5213" "name": "RHSA-2000:077",
} "refsource": "REDHAT",
] "url": "http://www.redhat.com/support/errata/RHSA-2000-077.html"
} },
} {
"name": "20001012 esound daemon race condition",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/esound_daemon_race_condition.html"
},
{
"name": "FreeBSD-SA-00:45",
"refsource": "FREEBSD",
"url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0365.html"
},
{
"name": "20001006 Immunix OS Security Update for esound",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0118.html"
},
{
"name": "20000911 Patch for esound-0.2.19",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0095.html"
}
]
}
}

130
2000/0xxx/CVE-2000-0903.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0903", "ID": "CVE-2000-0903",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read arbitrary files via a .. (dot dot) attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000901 Multiple QNX Voyager Issues", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/79956" "lang": "eng",
}, "value": "Directory traversal vulnerability in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read arbitrary files via a .. (dot dot) attack."
{ }
"name" : "1648", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1648" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000901 Multiple QNX Voyager Issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/79956"
},
{
"name": "1648",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1648"
}
]
}
}

120
2000/1xxx/CVE-2000-1151.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-1151", "ID": "CVE-2000-1151",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Baxter IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20001113 beos vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-11/0203.html" "lang": "eng",
} "value": "Baxter IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20001113 beos vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0203.html"
}
]
}
}

120
2005/2xxx/CVE-2005-2325.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2325", "ID": "CVE-2005-2325",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Clever Copy 2.0 and 2.0a allows remote attackers to obtain the full path of the web root via a direct request to (1) ticker.php, (2) menu.php, (3) banned.php, (4) endlayout.php, (5) randomhlinesblock.php, (6) showlast.php, (7) showlast5class1.php, (8) showlast5phorum.php, (9) showlast5phorumblock.php, (10) showlastforumbb2.php, or (11) showlastforumbb2block.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://lostmon.blogspot.com/2005/07/clever-copy-path-disclosure-and-xss.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://lostmon.blogspot.com/2005/07/clever-copy-path-disclosure-and-xss.html" "lang": "eng",
} "value": "Clever Copy 2.0 and 2.0a allows remote attackers to obtain the full path of the web root via a direct request to (1) ticker.php, (2) menu.php, (3) banned.php, (4) endlayout.php, (5) randomhlinesblock.php, (6) showlast.php, (7) showlast5class1.php, (8) showlast5phorum.php, (9) showlast5phorumblock.php, (10) showlastforumbb2.php, or (11) showlastforumbb2block.php."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lostmon.blogspot.com/2005/07/clever-copy-path-disclosure-and-xss.html",
"refsource": "MISC",
"url": "http://lostmon.blogspot.com/2005/07/clever-copy-path-disclosure-and-xss.html"
}
]
}
}

420
2005/2xxx/CVE-2005-2703.json
View File

@ -1,212 +1,212 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2005-2703", "ID": "CVE-2005-2703",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/mfsa2005-58.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/mfsa2005-58.html" "lang": "eng",
}, "value": "Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting."
{ }
"name" : "DSA-868", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2005/dsa-868" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-838", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2005/dsa-838" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-866", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2005/dsa-866" ]
}, },
{ "references": {
"name" : "FLSA-2006:168375", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html" "name": "MDKSA-2005:169",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169"
"name" : "MDKSA-2005:169", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:169" "name": "mozilla-xmlhttprequest-spoofing(22376)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22376"
"name" : "MDKSA-2005:170", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170" "name": "DSA-868",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2005/dsa-868"
"name" : "MDKSA-2005:174", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174" "name": "ADV-2005-1824",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2005/1824"
"name" : "RHSA-2005:785", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-785.html" "name": "FLSA-2006:168375",
}, "refsource": "FEDORA",
{ "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html"
"name" : "RHSA-2005:789", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-789.html" "name": "SCOSA-2005.49",
}, "refsource": "SCO",
{ "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
"name" : "RHSA-2005:791", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-791.html" "name": "oval:org.mitre.oval:def:1089",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1089"
"name" : "SCOSA-2005.49", },
"refsource" : "SCO", {
"url" : "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt" "name": "15495",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/15495"
"name" : "SUSE-SA:2005:058", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html" "name": "1014954",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1014954"
"name" : "USN-200-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-200-1" "name": "RHSA-2005:789",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-789.html"
"name" : "14923", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14923" "name": "17026",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17026"
"name" : "15495", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15495" "name": "RHSA-2005:791",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-791.html"
"name" : "oval:org.mitre.oval:def:10767", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10767" "name": "USN-200-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-200-1"
"name" : "ADV-2005-1824", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/1824" "name": "17042",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17042"
"name" : "oval:org.mitre.oval:def:1089", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1089" "name": "DSA-866",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2005/dsa-866"
"name" : "1014954", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1014954" "name": "http://www.mozilla.org/security/announce/mfsa2005-58.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/mfsa2005-58.html"
"name" : "16911", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16911" "name": "oval:org.mitre.oval:def:10767",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10767"
"name" : "16917", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16917" "name": "17284",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17284"
"name" : "17042", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17042" "name": "17149",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17149"
"name" : "17090", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17090" "name": "17263",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17263"
"name" : "17149", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17149" "name": "16917",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/16917"
"name" : "17284", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17284" "name": "DSA-838",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2005/dsa-838"
"name" : "17026", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17026" "name": "17014",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17014"
"name" : "17263", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17263" "name": "RHSA-2005:785",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-785.html"
"name" : "16977", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16977" "name": "SUSE-SA:2005:058",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2005_58_mozilla.html"
"name" : "17014", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17014" "name": "MDKSA-2005:174",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:174"
"name" : "mozilla-xmlhttprequest-spoofing(22376)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22376" "name": "17090",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/17090"
} },
} {
"name": "16911",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16911"
},
{
"name": "16977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16977"
},
{
"name": "14923",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14923"
},
{
"name": "MDKSA-2005:170",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:170"
}
]
}
}

210
2007/1xxx/CVE-2007-1060.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1060", "ID": "CVE-2007-1060",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Interspire SendStudio 2004.14 and earlier, when register_globals and allow_fopenurl are enabled, allow remote attackers to execute arbitrary PHP code via a URL in the ROOTDIR parameter to (1) createemails.inc.php and (2) send_emails.inc.php in /admin/includes/."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070221 [ECHO_ADV_66$2007] SendStudio <= 2004.14 Remote File Inclusion Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/460964/100/0/threaded" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in Interspire SendStudio 2004.14 and earlier, when register_globals and allow_fopenurl are enabled, allow remote attackers to execute arbitrary PHP code via a URL in the ROOTDIR parameter to (1) createemails.inc.php and (2) send_emails.inc.php in /admin/includes/."
{ }
"name" : "20070223 Re: [ECHO_ADV_66$2007] SendStudio <= 2004.14 Remote File Inclusion Vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/461019/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "3348", "description": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3348" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://advisories.echo.or.id/adv/adv66-K-159-2007.txt", ]
"refsource" : "MISC", }
"url" : "http://advisories.echo.or.id/adv/adv66-K-159-2007.txt" ]
}, },
{ "references": {
"name" : "22642", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22642" "name": "20070223 Re: [ECHO_ADV_66$2007] SendStudio <= 2004.14 Remote File Inclusion Vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/461019/100/0/threaded"
"name" : "ADV-2007-0672", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0672" "name": "22642",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/22642"
"name" : "33264", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33264" "name": "sendstudio-rootdir-file-include(32602)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32602"
"name" : "33265", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33265" "name": "http://advisories.echo.or.id/adv/adv66-K-159-2007.txt",
}, "refsource": "MISC",
{ "url": "http://advisories.echo.or.id/adv/adv66-K-159-2007.txt"
"name" : "24212", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24212" "name": "20070221 [ECHO_ADV_66$2007] SendStudio <= 2004.14 Remote File Inclusion Vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/460964/100/0/threaded"
"name" : "sendstudio-rootdir-file-include(32602)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32602" "name": "33265",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/33265"
} },
} {
"name": "24212",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24212"
},
{
"name": "3348",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3348"
},
{
"name": "ADV-2007-0672",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0672"
},
{
"name": "33264",
"refsource": "OSVDB",
"url": "http://osvdb.org/33264"
}
]
}
}

180
2007/5xxx/CVE-2007-5242.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5242", "ID": "CVE-2007-5242",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an \"oversize\" packet, which is not properly discarded if \"the device has no remaining buffers after receipt of the first buffer segment.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[openvms-alerts] 20071003 VMS83A_LAN-V0200, ECO Kit Release", "description_data": [
"refsource" : "MLIST", {
"url" : "http://mail.openvms.org:8100/Lists/alerts/Message/582.html" "lang": "eng",
}, "value": "Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an \"oversize\" packet, which is not properly discarded if \"the device has no remaining buffers after receipt of the first buffer segment.\""
{ }
"name" : "[openvms-alerts] 20071003 VMS83I_LAN-V0600, ECO Kit Release", ]
"refsource" : "MLIST", },
"url" : "http://mail.openvms.org:8100/Lists/alerts/Message/583.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25939", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25939" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-3382", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/3382" ]
}, },
{ "references": {
"name" : "37812", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37812" "name": "25939",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25939"
"name" : "37813", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37813" "name": "37813",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/37813"
"name" : "27084", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27084" "name": "27084",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/27084"
} },
} {
"name": "[openvms-alerts] 20071003 VMS83I_LAN-V0600, ECO Kit Release",
"refsource": "MLIST",
"url": "http://mail.openvms.org:8100/Lists/alerts/Message/583.html"
},
{
"name": "ADV-2007-3382",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3382"
},
{
"name": "37812",
"refsource": "OSVDB",
"url": "http://osvdb.org/37812"
},
{
"name": "[openvms-alerts] 20071003 VMS83A_LAN-V0200, ECO Kit Release",
"refsource": "MLIST",
"url": "http://mail.openvms.org:8100/Lists/alerts/Message/582.html"
}
]
}
}

180
2007/5xxx/CVE-2007-5369.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5369", "ID": "CVE-2007-5369",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The GetMagicNumberString function in Massive Entertainment World in Conflict 1.000 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a string to the VoIP port (52999/tcp) with an invalid value in the third byte."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071009 NULL pointer crash in World in Conflict 1.000", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/481895/100/0/threaded" "lang": "eng",
}, "value": "The GetMagicNumberString function in Massive Entertainment World in Conflict 1.000 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a string to the VoIP port (52999/tcp) with an invalid value in the third byte."
{ }
"name" : "http://www.massive.se/Index.asp?nNewsId=1387", ]
"refsource" : "MISC", },
"url" : "http://www.massive.se/Index.asp?nNewsId=1387" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25985", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25985" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-3448", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/3448" ]
}, },
{ "references": {
"name" : "27157", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27157" "name": "worldinconflict-getmagicnumberstring-dos(37034)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37034"
"name" : "3214", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3214" "name": "25985",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25985"
"name" : "worldinconflict-getmagicnumberstring-dos(37034)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37034" "name": "20071009 NULL pointer crash in World in Conflict 1.000",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/481895/100/0/threaded"
} },
} {
"name": "http://www.massive.se/Index.asp?nNewsId=1387",
"refsource": "MISC",
"url": "http://www.massive.se/Index.asp?nNewsId=1387"
},
{
"name": "27157",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27157"
},
{
"name": "ADV-2007-3448",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3448"
},
{
"name": "3214",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3214"
}
]
}
}

260
2007/5xxx/CVE-2007-5618.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5618", "ID": "CVE-2007-5618",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/489739/100/0/threaded" "lang": "eng",
}, "value": "Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious programs."
{ }
"name" : "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", "description": [
"refsource" : "MLIST", {
"url" : "http://lists.vmware.com/pipermail/security-announce/2008/000008.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.vmware.com/support/player/doc/releasenotes_player.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.vmware.com/support/player/doc/releasenotes_player.html" ]
}, },
{ "references": {
"name" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
}, "refsource": "FULLDISC",
{ "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
"name" : "http://www.vmware.com/support/server/doc/releasenotes_server.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/server/doc/releasenotes_server.html" "name": "ADV-2007-3229",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3229"
"name" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
"name" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" "name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
"name" : "http://www.vmware.com/security/advisories/VMSA-2008-0005.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2008-0005.html" "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
"name" : "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html" "name": "26890",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26890"
"name" : "28276", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/28276" "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
"name" : "28289", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/28289" "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
"name" : "ADV-2007-3229", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3229" "name": "28289",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/28289"
"name" : "ADV-2008-0905", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0905/references" "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
"name" : "26890", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26890" "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
} "refsource": "MLIST",
] "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
} },
} {
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name": "ADV-2008-0905",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0905/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
},
{
"name": "28276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28276"
}
]
}
}

130
2009/2xxx/CVE-2009-2549.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2549", "ID": "CVE-2009-2549",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service via a join packet with a final field whose value is (1) 0, which triggers a server crash related to memory allocation, or (2) 1, which triggers CPU/memory consumption and a NULL pointer dereference."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://aluigi.altervista.org/adv/armazzo-adv.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://aluigi.altervista.org/adv/armazzo-adv.txt" "lang": "eng",
}, "value": "Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service via a join packet with a final field whose value is (1) 0, which triggers a server crash related to memory allocation, or (2) 1, which triggers CPU/memory consumption and a NULL pointer dereference."
{ }
"name" : "ADV-2009-1951", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2009/1951" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1951",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1951"
},
{
"name": "http://aluigi.altervista.org/adv/armazzo-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/armazzo-adv.txt"
}
]
}
}

140
2009/2xxx/CVE-2009-2943.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2943", "ID": "CVE-2009-2943",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL libpq do not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "DSA-1909", "description_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2009/dsa-1909" "lang": "eng",
}, "value": "The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL libpq do not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings."
{ }
"name" : "59029", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/59029" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "37048", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37048" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "37048",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37048"
},
{
"name": "DSA-1909",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1909"
},
{
"name": "59029",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/59029"
}
]
}
}

140
2015/0xxx/CVE-2015-0474.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-0474", "ID": "CVE-2015-0474",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.1, 8.5.0, and 8.5.1 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-0493."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.1, 8.5.0, and 8.5.1 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-0493."
{ }
"name" : "74139", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/74139" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1032131", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032131" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "74139",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74139"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "1032131",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032131"
}
]
}
}

130
2015/0xxx/CVE-2015-0551.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2015-0551", "ID": "CVE-2015-0551",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P25; Documentum Web Publishers 6.5 SP7 before P25; and Documentum Task Space 6.7SP1 before P31 and 6.7SP2 before P23 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150701 ESA-2015-111: EMC Documentum WebTop Client Products Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/bugtraq/2015/Jul/9" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P25; Documentum Web Publishers 6.5 SP7 before P25; and Documentum Task Space 6.7SP1 before P31 and 6.7SP2 before P23 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "1032770", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1032770" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032770",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032770"
},
{
"name": "20150701 ESA-2015-111: EMC Documentum WebTop Client Products Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2015/Jul/9"
}
]
}
}

150
2015/3xxx/CVE-2015-3631.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3631", "ID": "CVE-2015-3631",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules (LSM) and docker_t policies via an image that allows volumes to override files in /proc."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150508 Docker 1.6.1 - Security Advisory [150507]", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2015/May/28" "lang": "eng",
}, "value": "Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules (LSM) and docker_t policies via an image that allows volumes to override files in /proc."
{ }
"name" : "http://packetstormsecurity.com/files/131835/Docker-Privilege-Escalation-Information-Disclosure.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/131835/Docker-Privilege-Escalation-Information-Disclosure.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://groups.google.com/forum/#!searchin/docker-user/1.6.1/docker-user/47GZrihtr-4/nwgeOOFLexIJ", "description": [
"refsource" : "CONFIRM", {
"url" : "https://groups.google.com/forum/#!searchin/docker-user/1.6.1/docker-user/47GZrihtr-4/nwgeOOFLexIJ" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openSUSE-SU-2015:0905", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-updates/2015-05/msg00023.html" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://groups.google.com/forum/#!searchin/docker-user/1.6.1/docker-user/47GZrihtr-4/nwgeOOFLexIJ",
"refsource": "CONFIRM",
"url": "https://groups.google.com/forum/#!searchin/docker-user/1.6.1/docker-user/47GZrihtr-4/nwgeOOFLexIJ"
},
{
"name": "20150508 Docker 1.6.1 - Security Advisory [150507]",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/May/28"
},
{
"name": "openSUSE-SU-2015:0905",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00023.html"
},
{
"name": "http://packetstormsecurity.com/files/131835/Docker-Privilege-Escalation-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131835/Docker-Privilege-Escalation-Information-Disclosure.html"
}
]
}
}

170
2015/3xxx/CVE-2015-3766.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-3766", "ID": "CVE-2015-3766",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/kb/HT205030", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205030" "lang": "eng",
}, "value": "The kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly restrict the mach_port_space_info interface, which allows attackers to obtain sensitive memory-layout information via a crafted app."
{ }
"name" : "https://support.apple.com/kb/HT205031", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/kb/HT205031" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2015-08-13-2", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-08-13-3", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" ]
}, },
{ "references": {
"name" : "76343", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76343" "name": "https://support.apple.com/kb/HT205030",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/kb/HT205030"
"name" : "1033275", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033275" "name": "1033275",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1033275"
} },
} {
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "APPLE-SA-2015-08-13-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "76343",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76343"
}
]
}
}

34
2015/4xxx/CVE-2015-4130.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4130", "ID": "CVE-2015-4130",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2015/4xxx/CVE-2015-4178.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-4178", "ID": "CVE-2015-4178",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call, related to fs/fs_pin.c and include/linux/fs_pin.h."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150529 CVE request Linux kernel: ns: user namespaces panic", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2015/05/29/5" "lang": "eng",
}, "value": "The fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call, related to fs/fs_pin.c and include/linux/fs_pin.h."
{ }
"name" : "[oss-security] 20150529 Re: CVE request Linux kernel: ns: user namespaces panic", ]
"refsource" : "MLIST", },
"url" : "http://openwall.com/lists/oss-security/2015/05/29/10" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20150604 Re: Re: CVE request Linux kernel: ns: user namespaces panic", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/06/04/5" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=820f9f147dcce2602eefd9b575bbbd9ea14f0953", ]
"refsource" : "CONFIRM", }
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=820f9f147dcce2602eefd9b575bbbd9ea14f0953" ]
}, },
{ "references": {
"name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.5", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.5" "name": "[oss-security] 20150529 CVE request Linux kernel: ns: user namespaces panic",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2015/05/29/5"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1249849", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1249849" "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.5",
}, "refsource": "CONFIRM",
{ "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.5"
"name" : "https://github.com/torvalds/linux/commit/820f9f147dcce2602eefd9b575bbbd9ea14f0953", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/820f9f147dcce2602eefd9b575bbbd9ea14f0953" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1249849",
} "refsource": "CONFIRM",
] "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1249849"
} },
} {
"name": "[oss-security] 20150529 Re: CVE request Linux kernel: ns: user namespaces panic",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2015/05/29/10"
},
{
"name": "[oss-security] 20150604 Re: Re: CVE request Linux kernel: ns: user namespaces panic",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/04/5"
},
{
"name": "https://github.com/torvalds/linux/commit/820f9f147dcce2602eefd9b575bbbd9ea14f0953",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/820f9f147dcce2602eefd9b575bbbd9ea14f0953"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=820f9f147dcce2602eefd9b575bbbd9ea14f0953",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=820f9f147dcce2602eefd9b575bbbd9ea14f0953"
}
]
}
}

130
2015/4xxx/CVE-2015-4458.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4458", "ID": "CVE-2015-4458",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The TLS implementation in the Cavium cryptographic-module firmware, as distributed with Cisco Adaptive Security Appliance (ASA) Software 9.1(5.21) and other products, does not verify the MAC field, which allows man-in-the-middle attackers to spoof TLS content by modifying packets, aka Bug ID CSCuu52976."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150714 Cisco Adaptive Security Appliance Message Authentication Code Checking Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=39919" "lang": "eng",
}, "value": "The TLS implementation in the Cavium cryptographic-module firmware, as distributed with Cisco Adaptive Security Appliance (ASA) Software 9.1(5.21) and other products, does not verify the MAC field, which allows man-in-the-middle attackers to spoof TLS content by modifying packets, aka Bug ID CSCuu52976."
{ }
"name" : "1032927", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1032927" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032927",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032927"
},
{
"name": "20150714 Cisco Adaptive Security Appliance Message Authentication Code Checking Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39919"
}
]
}
}

130
2015/4xxx/CVE-2015-4629.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4629", "ID": "CVE-2015-4629",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Huawei E5756S before V200R002B146D23SP00C00 allows remote attackers to read device configuration information, enable PIN/PUK authentication, and perform other unspecified actions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-441178.htm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-441178.htm" "lang": "eng",
}, "value": "Huawei E5756S before V200R002B146D23SP00C00 allows remote attackers to read device configuration information, enable PIN/PUK authentication, and perform other unspecified actions."
{ }
"name" : "75194", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/75194" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75194",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75194"
},
{
"name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-441178.htm",
"refsource": "CONFIRM",
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-441178.htm"
}
]
}
}

150
2015/4xxx/CVE-2015-4974.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-4974", "ID": "CVE-2015-4974",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366" "lang": "eng",
}, "value": "IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21972152", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21972152" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "77025", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77025" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1035094", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1035094" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366"
},
{
"name": "1035094",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035094"
},
{
"name": "77025",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77025"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
}
]
}
}

190
2015/7xxx/CVE-2015-7184.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2015-7184", "ID": "CVE-2015-7184",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin Policy via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-115.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-115.html" "lang": "eng",
}, "value": "The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin Policy via a crafted web site."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1208339", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1208339" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1212669", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1212669" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2015:1817", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00021.html" "name": "USN-2768-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2768-1"
"name" : "USN-2768-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2768-1" "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-115.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-115.html"
"name" : "77100", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77100" "name": "openSUSE-SU-2015:1817",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00021.html"
"name" : "1033820", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033820" "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
} "refsource": "CONFIRM",
] "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
} },
} {
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1208339",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1208339"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1212669",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1212669"
},
{
"name": "1033820",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033820"
},
{
"name": "77100",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77100"
}
]
}
}

34
2015/8xxx/CVE-2015-8204.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8204", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8204",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

34
2015/8xxx/CVE-2015-8206.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8206", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8206",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

120
2015/8xxx/CVE-2015-8281.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2015-8281", "ID": "CVE-2015-8281",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#913000", "description_data": [
"refsource" : "CERT-VN", {
"url" : "https://www.kb.cert.org/vuls/id/913000" "lang": "eng",
} "value": "Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#913000",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/913000"
}
]
}
}

132
2015/9xxx/CVE-2015-9194.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2015-9194", "ID": "CVE-2015-9194",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile", "product_name": "Snapdragon Mobile",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "SD 210/SD 212/SD 205,SD 400,SD 425,SD 427,SD 430,SD 435,SD 450,SD 617,SD 625,SD 650/52,SD 800,SD 845,Snapdragon_High_Med_2016" "version_value": "SD 210/SD 212/SD 205,SD 400,SD 425,SD 427,SD 430,SD 435,SD 450,SD 617,SD 625,SD 650/52,SD 800,SD 845,Snapdragon_High_Med_2016"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 845, and Snapdragon_High_Med_2016, during module load at TZ Startup, memory statically allocated by modules was not being properly set to zero first. Allowing the module to execute without reset gives it access to information from previous app thus leading to information exposure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Exposure in Core."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 845, and Snapdragon_High_Med_2016, during module load at TZ Startup, memory statically allocated by modules was not being properly set to zero first. Allowing the module to execute without reset gives it access to information from previous app thus leading to information exposure."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Information Exposure in Core."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

150
2015/9xxx/CVE-2015-9261.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-9261", "ID": "CVE-2015-9261",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html" "lang": "eng",
}, "value": "huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file."
{ }
"name" : "http://www.openwall.com/lists/oss-security/2015/10/25/3", ]
"refsource" : "MISC", },
"url" : "http://www.openwall.com/lists/oss-security/2015/10/25/3" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.debian.org/803097", "description": [
"refsource" : "MISC", {
"url" : "https://bugs.debian.org/803097" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://git.busybox.net/busybox/commit/?id=1de25a6e87e0e627aa34298105a3d17c60a1f44e", ]
"refsource" : "MISC", }
"url" : "https://git.busybox.net/busybox/commit/?id=1de25a6e87e0e627aa34298105a3d17c60a1f44e" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://git.busybox.net/busybox/commit/?id=1de25a6e87e0e627aa34298105a3d17c60a1f44e",
"refsource": "MISC",
"url": "https://git.busybox.net/busybox/commit/?id=1de25a6e87e0e627aa34298105a3d17c60a1f44e"
},
{
"name": "[debian-lts-announce] 20180727 [SECURITY] [DLA 1445-1] busybox security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html"
},
{
"name": "http://www.openwall.com/lists/oss-security/2015/10/25/3",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2015/10/25/3"
},
{
"name": "https://bugs.debian.org/803097",
"refsource": "MISC",
"url": "https://bugs.debian.org/803097"
}
]
}
}

130
2016/1xxx/CVE-2016-1341.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-1341", "ID": "CVE-2016-1341",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco NX-OS 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1) on Nexus 2000 Fabric Extender devices has a blank root password, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCur22079."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160223 Cisco Nexus 2000 Series Fabric Extender Software Default Credential Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160223-nx2000" "lang": "eng",
}, "value": "Cisco NX-OS 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1) on Nexus 2000 Fabric Extender devices has a blank root password, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCur22079."
{ }
"name" : "1035088", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1035088" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160223 Cisco Nexus 2000 Series Fabric Extender Software Default Credential Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160223-nx2000"
},
{
"name": "1035088",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035088"
}
]
}
}

34
2016/1xxx/CVE-2016-1845.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-1845", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-1845",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

140
2016/1xxx/CVE-2016-1881.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1881", "ID": "CVE-2016-1881",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to cause a denial of service (crash) or potentially gain privilege via a crafted Linux compatibility layer setgroups system call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" "lang": "eng",
}, "value": "The kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to cause a denial of service (crash) or potentially gain privilege via a crafted Linux compatibility layer setgroups system call."
{ }
"name" : "FreeBSD-SA-16:04", ]
"refsource" : "FREEBSD", },
"url" : "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:04.linux.asc" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1034676", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034676" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "1034676",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034676"
},
{
"name": "FreeBSD-SA-16:04",
"refsource": "FREEBSD",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:04.linux.asc"
}
]
}
}

130
2016/1xxx/CVE-2016-1999.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1999", "ID": "CVE-2016-1999",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05063986", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05063986" "lang": "eng",
}, "value": "The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
{ }
"name" : "90778", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/90778" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05063986",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05063986"
},
{
"name": "90778",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90778"
}
]
}
}

190
2016/5xxx/CVE-2016-5106.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-5106", "ID": "CVE-2016-5106",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160525 CVE Request Qemu: scsi: megasas: out-of-bounds write while setting controller properties", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/05/25/6" "lang": "eng",
}, "value": "The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) command."
{ }
"name" : "[oss-security] 20160526 Re: CVE Request Qemu: scsi: megasas: out-of-bounds write while setting controller properties", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/05/26/8" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[qemu-devel] 20160525 [Qemu-devel] [PATCH 1/3] scsi: megasas: use appropriate property buffer", "description": [
"refsource" : "MLIST", {
"url" : "https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04340.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update", ]
"refsource" : "MLIST", }
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1339578", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1339578" "name": "USN-3047-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3047-1"
"name" : "GLSA-201609-01", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201609-01" "name": "[oss-security] 20160526 Re: CVE Request Qemu: scsi: megasas: out-of-bounds write while setting controller properties",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/05/26/8"
"name" : "USN-3047-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3047-1" "name": "[qemu-devel] 20160525 [Qemu-devel] [PATCH 1/3] scsi: megasas: use appropriate property buffer",
}, "refsource": "MLIST",
{ "url": "https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04340.html"
"name" : "USN-3047-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3047-2" "name": "GLSA-201609-01",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201609-01"
} },
} {
"name": "USN-3047-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3047-2"
},
{
"name": "[oss-security] 20160525 CVE Request Qemu: scsi: megasas: out-of-bounds write while setting controller properties",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/25/6"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1339578",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1339578"
},
{
"name": "[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html"
}
]
}
}

190
2016/5xxx/CVE-2016-5174.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-5174", "ID": "CVE-2016-5174",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "browser/ui/cocoa/browser_window_controller_private.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service (unsuppressed popup) via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://codereview.chromium.org/2053343003", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://codereview.chromium.org/2053343003" "lang": "eng",
}, "value": "browser/ui/cocoa/browser_window_controller_private.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service (unsuppressed popup) via a crafted web site."
{ }
"name" : "https://crbug.com/579934", ]
"refsource" : "CONFIRM", },
"url" : "https://crbug.com/579934" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html", "description": [
"refsource" : "CONFIRM", {
"url" : "https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3667", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3667" ]
}, },
{ "references": {
"name" : "GLSA-201610-09", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201610-09" "name": "DSA-3667",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3667"
"name" : "RHSA-2016:1905", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1905.html" "name": "1036826",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036826"
"name" : "92942", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92942" "name": "92942",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/92942"
"name" : "1036826", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036826" "name": "https://crbug.com/579934",
} "refsource": "CONFIRM",
] "url": "https://crbug.com/579934"
} },
} {
"name": "https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html",
"refsource": "CONFIRM",
"url": "https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html"
},
{
"name": "https://codereview.chromium.org/2053343003",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/2053343003"
},
{
"name": "GLSA-201610-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-09"
},
{
"name": "RHSA-2016:1905",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1905.html"
}
]
}
}

256
2016/5xxx/CVE-2016-5290.json
View File

@ -1,130 +1,130 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2016-5290", "ID": "CVE-2016-5290",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Thunderbird", "product_name": "Thunderbird",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "45.5" "version_value": "45.5"
} }
] ]
} }
}, },
{ {
"product_name" : "Firefox ESR", "product_name": "Firefox ESR",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "45.5" "version_value": "45.5"
} }
] ]
} }
}, },
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "50" "version_value": "50"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Memory safety bugs fixed in Firefox 50 and Firefox ESR 45.5"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1309720%2C1297062%2C1303710%2C1018486%2C1292590%2C1301343%2C1301496%2C1308048%2C1308346%2C1299519%2C1286911%2C1298169", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1309720%2C1297062%2C1303710%2C1018486%2C1292590%2C1301343%2C1301496%2C1308048%2C1308346%2C1299519%2C1286911%2C1298169" "lang": "eng",
}, "value": "Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50."
{ }
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-89/", ]
"refsource" : "CONFIRM", },
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-89/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-90/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-90/" "lang": "eng",
}, "value": "Memory safety bugs fixed in Firefox 50 and Firefox ESR 45.5"
{ }
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-93/", ]
"refsource" : "CONFIRM", }
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-93/" ]
}, },
{ "references": {
"name" : "DSA-3730", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2016/dsa-3730" "name": "DSA-3730",
}, "refsource": "DEBIAN",
{ "url": "https://www.debian.org/security/2016/dsa-3730"
"name" : "GLSA-201701-15", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-15" "name": "RHSA-2016:2825",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2825.html"
"name" : "RHSA-2016:2780", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2780.html" "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1309720%2C1297062%2C1303710%2C1018486%2C1292590%2C1301343%2C1301496%2C1308048%2C1308346%2C1299519%2C1286911%2C1298169",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1309720%2C1297062%2C1303710%2C1018486%2C1292590%2C1301343%2C1301496%2C1308048%2C1308346%2C1299519%2C1286911%2C1298169"
"name" : "RHSA-2016:2825", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2825.html" "name": "94335",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/94335"
"name" : "94335", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94335" "name": "1037298",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1037298"
"name" : "1037298", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037298" "name": "GLSA-201701-15",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201701-15"
} },
} {
"name": "https://www.mozilla.org/security/advisories/mfsa2016-93/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-93/"
},
{
"name": "RHSA-2016:2780",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2780.html"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2016-89/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-89/"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2016-90/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-90/"
}
]
}
}

310
2016/5xxx/CVE-2016-5403.json
View File

@ -1,157 +1,157 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-5403", "ID": "CVE-2016-5403",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://xenbits.xen.org/xsa/advisory-184.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://xenbits.xen.org/xsa/advisory-184.html" "lang": "eng",
}, "value": "The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1358359", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1358359" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" ]
}, },
{ "references": {
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
"name" : "RHSA-2016:1585", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1585.html" "name": "RHSA-2016:1756",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1756.html"
"name" : "RHSA-2016:1586", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1586.html" "name": "http://xenbits.xen.org/xsa/advisory-184.html",
}, "refsource": "CONFIRM",
{ "url": "http://xenbits.xen.org/xsa/advisory-184.html"
"name" : "RHSA-2016:1606", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1606.html" "name": "USN-3047-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3047-1"
"name" : "RHSA-2016:1607", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1607.html" "name": "RHSA-2016:1655",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1655.html"
"name" : "RHSA-2016:1652", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1652.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1358359",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358359"
"name" : "RHSA-2016:1653", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1653.html" "name": "RHSA-2016:1763",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1763.html"
"name" : "RHSA-2016:1654", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1654.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
"name" : "RHSA-2016:1655", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1655.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
"name" : "RHSA-2016:1756", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1756.html" "name": "RHSA-2016:1585",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1585.html"
"name" : "RHSA-2016:1763", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1763.html" "name": "RHSA-2016:1653",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1653.html"
"name" : "RHSA-2016:1943", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1943.html" "name": "RHSA-2016:1607",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1607.html"
"name" : "USN-3047-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3047-1" "name": "RHSA-2016:1654",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1654.html"
"name" : "USN-3047-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3047-2" "name": "1036476",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036476"
"name" : "92148", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92148" "name": "USN-3047-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3047-2"
"name" : "1036476", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036476" "name": "RHSA-2016:1606",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2016-1606.html"
} },
} {
"name": "RHSA-2016:1586",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1586.html"
},
{
"name": "RHSA-2016:1943",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1943.html"
},
{
"name": "92148",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92148"
},
{
"name": "RHSA-2016:1652",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1652.html"
}
]
}
}

34
2018/2xxx/CVE-2018-2288.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2288", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2288",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

132
2018/2xxx/CVE-2018-2659.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2659", "ID": "CVE-2018-2659",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "JD Edwards EnterpriseOne Tools", "product_name": "JD Edwards EnterpriseOne Tools",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "9.2" "version_value": "9.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime SEC). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of JD Edwards EnterpriseOne Tools accessible data as well as unauthorized read access to a subset of JD Edwards EnterpriseOne Tools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of JD Edwards EnterpriseOne Tools accessible data as well as unauthorized read access to a subset of JD Edwards EnterpriseOne Tools accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" "lang": "eng",
}, "value": "Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime SEC). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of JD Edwards EnterpriseOne Tools accessible data as well as unauthorized read access to a subset of JD Edwards EnterpriseOne Tools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)."
{ }
"name" : "102707", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/102707" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of JD Edwards EnterpriseOne Tools accessible data as well as unauthorized read access to a subset of JD Edwards EnterpriseOne Tools accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102707",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102707"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
}
]
}
}

142
2018/2xxx/CVE-2018-2682.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2682", "ID": "CVE-2018-2682",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Financial Services Liquidity Risk Management", "product_name": "Financial Services Liquidity Risk Management",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.0.x" "version_value": "8.0.x"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Financial Services Liquidity Risk Management component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Liquidity Risk Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Liquidity Risk Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Liquidity Risk Management accessible data as well as unauthorized read access to a subset of Oracle Financial Services Liquidity Risk Management accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Liquidity Risk Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Liquidity Risk Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Liquidity Risk Management accessible data as well as unauthorized read access to a subset of Oracle Financial Services Liquidity Risk Management accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle Financial Services Liquidity Risk Management component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Liquidity Risk Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Liquidity Risk Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Liquidity Risk Management accessible data as well as unauthorized read access to a subset of Oracle Financial Services Liquidity Risk Management accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)."
{ }
"name" : "102657", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/102657" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040214", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040214" "lang": "eng",
} "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Liquidity Risk Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Liquidity Risk Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Liquidity Risk Management accessible data as well as unauthorized read access to a subset of Oracle Financial Services Liquidity Risk Management accessible data."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "1040214",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040214"
},
{
"name": "102657",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102657"
}
]
}
}

148
2018/2xxx/CVE-2018-2738.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2738", "ID": "CVE-2018-2738",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Retail Central Office", "product_name": "Retail Central Office",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "13.4.9" "version_value": "13.4.9"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "14.0.4" "version_value": "14.0.4"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "14.1.3" "version_value": "14.1.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Retail Central Office component of Oracle Retail Applications (subcomponent: Security). Supported versions that are affected are 13.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Central Office. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Central Office accessible data as well as unauthorized read access to a subset of Oracle Retail Central Office accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Central Office. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Central Office accessible data as well as unauthorized read access to a subset of Oracle Retail Central Office accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle Retail Central Office component of Oracle Retail Applications (subcomponent: Security). Supported versions that are affected are 13.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Central Office. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Central Office accessible data as well as unauthorized read access to a subset of Oracle Retail Central Office accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)."
{ }
"name" : "103813", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103813" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Central Office. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Central Office accessible data as well as unauthorized read access to a subset of Oracle Retail Central Office accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "103813",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103813"
}
]
}
}

34
2018/6xxx/CVE-2018-6719.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6719", "ID": "CVE-2018-6719",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

122
2019/0xxx/CVE-2019-0121.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"DATE_PUBLIC" : "2019-03-12T00:00:00", "DATE_PUBLIC": "2019-03-12T00:00:00",
"ID" : "CVE-2019-0121", "ID": "CVE-2019-0121",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Intel(R) Matrix Storage Manager", "product_name": "Intel(R) Matrix Storage Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "8.9.0.1023 and before" "version_value": "8.9.0.1023 and before"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Intel Corporation" "vendor_name": "Intel Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and before may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Escalation of Privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00216.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00216.html" "lang": "eng",
} "value": "Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and before may allow an authenticated user to potentially enable escalation of privilege via local access."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00216.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00216.html"
}
]
}
}

34
2019/0xxx/CVE-2019-0233.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0233", "ID": "CVE-2019-0233",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0335.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0335", "ID": "CVE-2019-0335",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1269.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1269", "ID": "CVE-2019-1269",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1275.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1275", "ID": "CVE-2019-1275",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1299.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1299", "ID": "CVE-2019-1299",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4370.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4370", "ID": "CVE-2019-4370",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5061.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5061", "ID": "CVE-2019-5061",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5483.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5483", "ID": "CVE-2019-5483",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5527.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5527", "ID": "CVE-2019-5527",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }