admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:39:14 +00:00
parent 38b4073966
commit f9676c2193
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
66 changed files with 4036 additions and 4036 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
1999/0xxx/CVE-1999-0223.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0223",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0223",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry."
"lang": "eng",
"value": "Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?patchid=103291&collection=fpatches",
"refsource" : "CONFIRM",
"url" : "http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?patchid=103291&collection=fpatches"
"name": "http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?patchid=103291&collection=fpatches",
"refsource": "CONFIRM",
"url": "http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?patchid=103291&collection=fpatches"
},
{
"name" : "1878",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1878"
"name": "1878",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1878"
}
]
}

74
1999/0xxx/CVE-1999-0696.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0696",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0696",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd)."
"lang": "eng",
"value": "Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "00188",
"refsource" : "SUN",
"url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/188"
"name": "00188",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/188"
},
{
"name" : "HPSBUX9908-102",
"refsource" : "HP",
"url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9908-102"
"name": "J-051",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/j-051.shtml"
},
{
"name" : "J-051",
"refsource" : "CIAC",
"url" : "http://www.ciac.org/ciac/bulletins/j-051.shtml"
"name": "HPSBUX9908-102",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9908-102"
}
]
}

110
2007/0xxx/CVE-2007-0372.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0372",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0372",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 allow remote attackers to execute arbitrary SQL commands via (1) the active parameter in admin/modules/modules.php; the (2) ad_class, (3) imageurl, (4) clickurl, (5) ad_code, or (6) position parameter in modules/Advertising/admin/index.php; or unspecified vectors in the (7) advertising, (8) weblinks, or (9) reviews section."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 allow remote attackers to execute arbitrary SQL commands via (1) the active parameter in admin/modules/modules.php; the (2) ad_class, (3) imageurl, (4) clickurl, (5) ad_code, or (6) position parameter in modules/Advertising/admin/index.php; or unspecified vectors in the (7) advertising, (8) weblinks, or (9) reviews section."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070204 Sql injection bugs in PHP-Nuke",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/459174/100/0/threaded"
"name": "33699",
"refsource": "OSVDB",
"url": "http://osvdb.org/33699"
},
{
"name" : "20070118 The vulnerabilities festival !",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html"
"name": "20070204 Sql injection bugs in PHP-Nuke",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459174/100/0/threaded"
},
{
"name" : "http://www.hackers.ir/advisories/festival.txt",
"refsource" : "MISC",
"url" : "http://www.hackers.ir/advisories/festival.txt"
"name": "33698",
"refsource": "OSVDB",
"url": "http://osvdb.org/33698"
},
{
"name" : "22116",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22116"
"name": "33702",
"refsource": "OSVDB",
"url": "http://osvdb.org/33702"
},
{
"name" : "33698",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33698"
"name": "20070118 The vulnerabilities festival !",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html"
},
{
"name" : "33699",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33699"
"name": "22116",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22116"
},
{
"name" : "33700",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33700"
"name": "33701",
"refsource": "OSVDB",
"url": "http://osvdb.org/33701"
},
{
"name" : "33701",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33701"
"name": "33700",
"refsource": "OSVDB",
"url": "http://osvdb.org/33700"
},
{
"name" : "33702",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33702"
"name": "http://www.hackers.ir/advisories/festival.txt",
"refsource": "MISC",
"url": "http://www.hackers.ir/advisories/festival.txt"
}
]
}

80
2007/0xxx/CVE-2007-0404.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0404",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0404",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "bin/compile-messages.py in Django 0.95 does not quote argument strings before invoking the msgfmt program through the os.system function, which allows attackers to execute arbitrary commands via shell metacharacters in a (1) .po or (2) .mo file."
"lang": "eng",
"value": "bin/compile-messages.py in Django 0.95 does not quote argument strings before invoking the msgfmt program through the os.system function, which allows attackers to execute arbitrary commands via shell metacharacters in a (1) .po or (2) .mo file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://code.djangoproject.com/changeset/3592",
"refsource" : "CONFIRM",
"url" : "http://code.djangoproject.com/changeset/3592"
"name": "django-po-code-execution(31627)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31627"
},
{
"name" : "22134",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22134"
"name": "23826",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23826"
},
{
"name" : "23826",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23826"
"name": "http://code.djangoproject.com/changeset/3592",
"refsource": "CONFIRM",
"url": "http://code.djangoproject.com/changeset/3592"
},
{
"name" : "django-po-code-execution(31627)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31627"
"name": "22134",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22134"
}
]
}

230
2007/0xxx/CVE-2007-0720.json
View File

@ -1,201 +1,201 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0720",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0720",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a \"partially-negotiated\" SSL connection, which prevents other requests from being accepted."
"lang": "eng",
"value": "The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a \"partially-negotiated\" SSL connection, which prevents other requests from being accepted."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070325 FLEA-2007-0003-1: cups",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/463846/100/0/threaded"
"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=232243",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=232243"
},
{
"name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=232243",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=232243"
"name": "MDKSA-2007:086",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:086"
},
{
"name" : "http://docs.info.apple.com/article.html?artnum=305214",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=305214"
"name": "25119",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25119"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-194.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-194.htm"
"name": "24660",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24660"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1173",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1173"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-194.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-194.htm"
},
{
"name" : "APPLE-SA-2007-03-13",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
"name": "26083",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26083"
},
{
"name" : "FEDORA-2007-1219",
"refsource" : "FEDORA",
"url" : "http://fedoranews.org/cms/node/2785"
"name": "24878",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24878"
},
{
"name" : "GLSA-200703-28",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200703-28.xml"
"name": "TA07-072A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name" : "MDKSA-2007:086",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:086"
"name": "24517",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24517"
},
{
"name" : "RHSA-2007:0123",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0123.html"
"name": "26413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26413"
},
{
"name" : "SUSE-SR:2007:009",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_9_sr.html"
"name": "20070325 FLEA-2007-0003-1: cups",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/463846/100/0/threaded"
},
{
"name" : "SUSE-SR:2007:014",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_14_sr.html"
"name": "SUSE-SR:2007:014",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_14_sr.html"
},
{
"name" : "TA07-072A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
"name": "APPLE-SA-2007-03-13",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name" : "22948",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22948"
"name": "oval:org.mitre.oval:def:11046",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11046"
},
{
"name" : "23127",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23127"
"name": "22948",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22948"
},
{
"name" : "oval:org.mitre.oval:def:11046",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11046"
"name": "http://docs.info.apple.com/article.html?artnum=305214",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name" : "ADV-2007-0930",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0930"
"name": "RHSA-2007:0123",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0123.html"
},
{
"name" : "ADV-2007-0949",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0949"
"name": "1017750",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017750"
},
{
"name" : "1017750",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017750"
"name": "GLSA-200703-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200703-28.xml"
},
{
"name" : "24479",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24479"
"name": "SUSE-SR:2007:009",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_9_sr.html"
},
{
"name" : "24517",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24517"
"name": "https://issues.rpath.com/browse/RPL-1173",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1173"
},
{
"name" : "24530",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24530"
"name": "24895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24895"
},
{
"name" : "24660",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24660"
"name": "ADV-2007-0949",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0949"
},
{
"name" : "24878",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24878"
"name": "ADV-2007-0930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name" : "24895",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24895"
"name": "FEDORA-2007-1219",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2785"
},
{
"name" : "25119",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25119"
"name": "24530",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24530"
},
{
"name" : "25497",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25497"
"name": "23127",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23127"
},
{
"name" : "26083",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26083"
"name": "25497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25497"
},
{
"name" : "26413",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26413"
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
}
]
}

74
2007/0xxx/CVE-2007-0834.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0834",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0834",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in FlashChat 4.7.8 allows remote attackers to inject arbitrary web script or HTML via the user name field when the user joins a chat room, a different vulnerability than CVE-2007-0807. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in FlashChat 4.7.8 allows remote attackers to inject arbitrary web script or HTML via the user name field when the user joins a chat room, a different vulnerability than CVE-2007-0807. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "35797",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35797"
"name": "flashchat-username-xss(32417)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32417"
},
{
"name" : "24071",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24071"
"name": "24071",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24071"
},
{
"name" : "flashchat-username-xss(32417)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32417"
"name": "35797",
"refsource": "OSVDB",
"url": "http://osvdb.org/35797"
}
]
}

80
2007/1xxx/CVE-2007-1389.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1389",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1389",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "dynaliens 2.0 and 2.1 allows remote attackers to bypass authentication and perform certain privileged actions via a direct request for (1) validlien.php3 (2) supprlien.php3 (3) supprub.php3 (4) validlien.php3 (5) confsuppr.php3 (6) modiflien.php3, or (7) confmodif.php3 in admin/."
"lang": "eng",
"value": "dynaliens 2.0 and 2.1 allows remote attackers to bypass authentication and perform certain privileged actions via a direct request for (1) validlien.php3 (2) supprlien.php3 (3) supprub.php3 (4) validlien.php3 (5) confsuppr.php3 (6) modiflien.php3, or (7) confmodif.php3 in admin/."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070308 dynaliens v2.0/v2.1 bypass admin authentification + XSS",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/462221/100/0/threaded"
"name": "20070308 dynaliens v2.0/v2.1 bypass admin authentification + XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/462221/100/0/threaded"
},
{
"name" : "http://forums.avenir-geopolitique.net/viewtopic.php?t=2722",
"refsource" : "MISC",
"url" : "http://forums.avenir-geopolitique.net/viewtopic.php?t=2722"
"name": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2722",
"refsource": "MISC",
"url": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2722"
},
{
"name" : "22873",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22873"
"name": "22873",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22873"
},
{
"name" : "2403",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2403"
"name": "2403",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2403"
}
]
}

92
2007/1xxx/CVE-2007-1443.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1443",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1443",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in register.php in Woltlab Burning Board (wBB) 2.3.6 and Burning Board Lite 1.0.2pl3e allow remote attackers to inject arbitrary web script or HTML via the (1) r_username, (2) r_email, (3) r_password, (4) r_confirmpassword, (5) r_homepage, (6) r_icq, (7) r_aim, (8) r_yim, (9) r_msn, (10) r_year, (11) r_month, (12) r_day, (13) r_gender, (14) r_signature, (15) r_usertext, (16) r_invisible, (17) r_usecookies, (18) r_admincanemail, (19) r_emailnotify, (20) r_notificationperpm, (21) r_receivepm, (22) r_emailonpm, (23) r_pmpopup, (24) r_showsignatures, (25) r_showavatars, (26) r_showimages, (27) r_daysprune, (28) r_umaxposts, (29) r_dateformat, (30) r_timeformat, (31) r_startweek, (32) r_timezoneoffset, (33) r_usewysiwyg, (34) r_styleid, (35) r_langid, (36) key_string, (37) key_number, (38) disablesmilies, (39) disablebbcode, (40) disableimages, (41) field[1], (42) field[2], and (43) field[3] parameters. NOTE: a third-party researcher has disputed some of these vectors, stating that only the r_dateformat and r_timeformat parameters in Burning Board 2.3.6 are affected."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in register.php in Woltlab Burning Board (wBB) 2.3.6 and Burning Board Lite 1.0.2pl3e allow remote attackers to inject arbitrary web script or HTML via the (1) r_username, (2) r_email, (3) r_password, (4) r_confirmpassword, (5) r_homepage, (6) r_icq, (7) r_aim, (8) r_yim, (9) r_msn, (10) r_year, (11) r_month, (12) r_day, (13) r_gender, (14) r_signature, (15) r_usertext, (16) r_invisible, (17) r_usecookies, (18) r_admincanemail, (19) r_emailnotify, (20) r_notificationperpm, (21) r_receivepm, (22) r_emailonpm, (23) r_pmpopup, (24) r_showsignatures, (25) r_showavatars, (26) r_showimages, (27) r_daysprune, (28) r_umaxposts, (29) r_dateformat, (30) r_timeformat, (31) r_startweek, (32) r_timezoneoffset, (33) r_usewysiwyg, (34) r_styleid, (35) r_langid, (36) key_string, (37) key_number, (38) disablesmilies, (39) disablebbcode, (40) disableimages, (41) field[1], (42) field[2], and (43) field[3] parameters. NOTE: a third-party researcher has disputed some of these vectors, stating that only the r_dateformat and r_timeformat parameters in Burning Board 2.3.6 are affected."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070302 Re: Woltlab Burning Board (wbb) 2.3.6 CSRF/XSS - 0day",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/461744/100/100/threaded"
"name": "2424",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2424"
},
{
"name" : "20070302 Woltlab Burning Board (wbb) 2.3.6 CSRF/XSS - 0day",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/461737/100/100/threaded"
"name": "24404",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24404"
},
{
"name" : "ADV-2007-0856",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0856"
"name": "ADV-2007-0856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0856"
},
{
"name" : "24386",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24386"
"name": "20070302 Re: Woltlab Burning Board (wbb) 2.3.6 CSRF/XSS - 0day",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/461744/100/100/threaded"
},
{
"name" : "24404",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24404"
"name": "20070302 Woltlab Burning Board (wbb) 2.3.6 CSRF/XSS - 0day",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/461737/100/100/threaded"
},
{
"name" : "2424",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2424"
"name": "24386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24386"
}
]
}

62
2007/1xxx/CVE-2007-1565.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1565",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1565",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Konqueror 3.5.5 allows remote attackers to cause a denial of service (crash) by using JavaScript to read a child iframe having an ftp:// URI."
"lang": "eng",
"value": "Konqueror 3.5.5 allows remote attackers to cause a denial of service (crash) by using JavaScript to read a child iframe having an ftp:// URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bindshell.net/papers/ftppasv/ftp-client-pasv-manipulation.pdf",
"refsource" : "MISC",
"url" : "http://bindshell.net/papers/ftppasv/ftp-client-pasv-manipulation.pdf"
"name": "http://bindshell.net/papers/ftppasv/ftp-client-pasv-manipulation.pdf",
"refsource": "MISC",
"url": "http://bindshell.net/papers/ftppasv/ftp-client-pasv-manipulation.pdf"
}
]
}

140
2007/1xxx/CVE-2007-1717.json
View File

@ -1,126 +1,126 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1717",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1717",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ ('\\0') byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases when the trailing contents of e-mail messages are important, such as logging information or if the message is expected to be well-formed."
"lang": "eng",
"value": "The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ ('\\0') byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases when the trailing contents of e-mail messages are important, such as logging information or if the message is expected to be well-formed."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://us2.php.net/releases/4_4_7.php",
"refsource" : "CONFIRM",
"url" : "http://us2.php.net/releases/4_4_7.php"
"name": "ADV-2007-2732",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name" : "http://us2.php.net/releases/5_2_2.php",
"refsource" : "CONFIRM",
"url" : "http://us2.php.net/releases/5_2_2.php"
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name" : "http://www.php-security.org/MOPB/MOPB-33-2007.html",
"refsource" : "MISC",
"url" : "http://www.php-security.org/MOPB/MOPB-33-2007.html"
"name": "php-emailmessages-manipulation(33518)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33518"
},
{
"name" : "http://docs.info.apple.com/article.html?artnum=306172",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=306172"
"name": "APPLE-SA-2007-07-31",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name" : "APPLE-SA-2007-07-31",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
"name": "GLSA-200705-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name" : "GLSA-200705-19",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200705-19.xml"
"name": "23146",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23146"
},
{
"name" : "SUSE-SA:2007:032",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_32_php.html"
"name": "http://www.php-security.org/MOPB/MOPB-33-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-33-2007.html"
},
{
"name" : "23146",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23146"
"name": "http://us2.php.net/releases/4_4_7.php",
"refsource": "CONFIRM",
"url": "http://us2.php.net/releases/4_4_7.php"
},
{
"name" : "25159",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25159"
"name": "http://us2.php.net/releases/5_2_2.php",
"refsource": "CONFIRM",
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"name" : "ADV-2007-2732",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2732"
"name": "http://docs.info.apple.com/article.html?artnum=306172",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name" : "25056",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25056"
"name": "25159",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name" : "25445",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25445"
"name": "25445",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25445"
},
{
"name" : "26235",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26235"
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name" : "php-emailmessages-manipulation(33518)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33518"
"name": "26235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26235"
}
]
}

110
2007/1xxx/CVE-2007-1739.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1739",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1739",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation."
"lang": "eng",
"value": "Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070328 IBM Lotus Domino Server LDAP Request Invalid DN Message Heap Overflow Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=494"
"name": "domino-ldap-bo(33278)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33278"
},
{
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21257248",
"refsource" : "CONFIRM",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21257248"
"name": "1017825",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017825"
},
{
"name" : "VU#927988",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/927988"
"name": "23173",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23173"
},
{
"name" : "23173",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23173"
"name": "23174",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23174"
},
{
"name" : "23174",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23174"
"name": "24633",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24633"
},
{
"name" : "ADV-2007-1133",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1133"
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21257248",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257248"
},
{
"name" : "1017825",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017825"
"name": "20070328 IBM Lotus Domino Server LDAP Request Invalid DN Message Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=494"
},
{
"name" : "24633",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24633"
"name": "ADV-2007-1133",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1133"
},
{
"name" : "domino-ldap-bo(33278)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33278"
"name": "VU#927988",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/927988"
}
]
}

104
2007/1xxx/CVE-2007-1889.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1889",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1889",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a call to msg_receive with the largest positive integer value of maxsize."
"lang": "eng",
"value": "Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a call to msg_receive with the largest positive integer value of maxsize."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.php-security.org/MOPB/MOPB-43-2007.html",
"refsource" : "MISC",
"url" : "http://www.php-security.org/MOPB/MOPB-43-2007.html"
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name" : "http://www.php-security.org/MOPB/MOPB-44-2007.html",
"refsource" : "MISC",
"url" : "http://www.php-security.org/MOPB/MOPB-44-2007.html"
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name" : "DSA-1283",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1283"
"name": "http://www.php-security.org/MOPB/MOPB-43-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-43-2007.html"
},
{
"name" : "SUSE-SA:2007:032",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_32_php.html"
"name": "23238",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23238"
},
{
"name" : "23238",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23238"
"name": "http://www.php-security.org/MOPB/MOPB-44-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-44-2007.html"
},
{
"name" : "25062",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25062"
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name" : "25056",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25056"
"name": "zend-zendmmallocint-bo(33770)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33770"
},
{
"name" : "zend-zendmmallocint-bo(33770)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33770"
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
]
}

86
2007/5xxx/CVE-2007-5207.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5207",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5207",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file."
"lang": "eng",
"value": "guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=445308",
"refsource" : "CONFIRM",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=445308"
"name": "guilt-variable-symlink(36970)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36970"
},
{
"name" : "25941",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25941"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=445308",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=445308"
},
{
"name" : "41534",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41534"
"name": "41534",
"refsource": "OSVDB",
"url": "http://osvdb.org/41534"
},
{
"name" : "27076",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27076"
"name": "27076",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27076"
},
{
"name" : "guilt-variable-symlink(36970)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36970"
"name": "25941",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25941"
}
]
}

80
2007/5xxx/CVE-2007-5271.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5271",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5271",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS 1.2 rev9 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the bField[bf_data] parameter to (1) interface/editors/-custom.php or (2) interface/editors/custom.php."
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS 1.2 rev9 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the bField[bf_data] parameter to (1) interface/editors/-custom.php or (2) interface/editors/custom.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4485",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4485"
"name": "25933",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25933"
},
{
"name" : "25933",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25933"
"name": "4485",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4485"
},
{
"name" : "27069",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27069"
"name": "27069",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27069"
},
{
"name" : "trionic-bfield-file-include(36972)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36972"
"name": "trionic-bfield-file-include(36972)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36972"
}
]
}

80
2007/5xxx/CVE-2007-5419.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5419",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5419",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The 3Com 3CRWER100-75 router with 1.2.10ww software, when enabling an optional virtual server, configures this server to accept all source IP addresses on the external (Internet) interface unless the user selects other options, which might expose the router to unintended incoming traffic from remote attackers, as demonstrated by setting up a virtual server on port 80, which allows remote attackers to access the web management interface."
"lang": "eng",
"value": "The 3Com 3CRWER100-75 router with 1.2.10ww software, when enabling an optional virtual server, configures this server to accept all source IP addresses on the external (Internet) interface unless the user selects other options, which might expose the router to unintended incoming traffic from remote attackers, as demonstrated by setting up a virtual server on port 80, which allows remote attackers to access the web management interface."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20071010 3Com WIFI router remote administration vulnerability.",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/481977/100/0/threaded"
"name": "20071010 3Com WIFI router remote administration vulnerability.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481977/100/0/threaded"
},
{
"name" : "26009",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26009"
"name": "43657",
"refsource": "OSVDB",
"url": "http://osvdb.org/43657"
},
{
"name" : "43657",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/43657"
"name": "3217",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3217"
},
{
"name" : "3217",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3217"
"name": "26009",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26009"
}
]
}

92
2007/5xxx/CVE-2007-5480.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5480",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5480",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in InnovaAge InnovaShop allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter to msg.jsp, and the (2) contentid parameter to tc/contents/home001.jsp."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in InnovaAge InnovaShop allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter to msg.jsp, and the (2) contentid parameter to tc/contents/home001.jsp."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20071015 InnovaShop?® (mgs.jps) Cross Siting Scripting",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=119248056804520&w=2"
"name": "20071015 InnovaShop?\u00ae (mgs.jps) Cross Siting Scripting",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=119248056804520&w=2"
},
{
"name" : "26084",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26084"
"name": "37927",
"refsource": "OSVDB",
"url": "http://osvdb.org/37927"
},
{
"name" : "37927",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37927"
"name": "27225",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27225"
},
{
"name" : "37928",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37928"
"name": "innovashop-msg-home001-xss(37273)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37273"
},
{
"name" : "27225",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27225"
"name": "37928",
"refsource": "OSVDB",
"url": "http://osvdb.org/37928"
},
{
"name" : "innovashop-msg-home001-xss(37273)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37273"
"name": "26084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26084"
}
]
}

22
2007/5xxx/CVE-2007-5903.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5903",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5903",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2015/3xxx/CVE-2015-3276.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3276",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3276",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors."
"lang": "eng",
"value": "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1238322",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1238322"
"name": "RHSA-2015:2131",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2131.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name" : "RHSA-2015:2131",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2131.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1238322",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1238322"
},
{
"name" : "1034221",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034221"
"name": "1034221",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034221"
}
]
}

80
2015/3xxx/CVE-2015-3422.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3422",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3422",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in SearchBlox before 8.2.1 allows remote attackers to inject arbitrary web script or HTML via the menu2 parameter to admin/main.jsp."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in SearchBlox before 8.2.1 allows remote attackers to inject arbitrary web script or HTML via the menu2 parameter to admin/main.jsp."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150617 Reflected Cross-Site Scripting (XSS) in SearchBlox",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/535780/100/0/threaded"
"name": "20150617 Reflected Cross-Site Scripting (XSS) in SearchBlox",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535780/100/0/threaded"
},
{
"name" : "http://packetstormsecurity.com/files/132341/SearchBlox-8.2-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/132341/SearchBlox-8.2-Cross-Site-Scripting.html"
"name": "75263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75263"
},
{
"name" : "https://www.htbridge.com/advisory/HTB23256",
"refsource" : "MISC",
"url" : "https://www.htbridge.com/advisory/HTB23256"
"name": "http://packetstormsecurity.com/files/132341/SearchBlox-8.2-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132341/SearchBlox-8.2-Cross-Site-Scripting.html"
},
{
"name" : "75263",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75263"
"name": "https://www.htbridge.com/advisory/HTB23256",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23256"
}
]
}

22
2015/3xxx/CVE-2015-3464.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3464",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3464",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2015/6xxx/CVE-2015-6121.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6121",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-6121",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}

98
2015/6xxx/CVE-2015-6989.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6989",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2015-6989",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted package that is mishandled during dispatch calls."
"lang": "eng",
"value": "Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted package that is mishandled during dispatch calls."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT205370",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205370"
"name": "APPLE-SA-2015-10-21-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
},
{
"name" : "https://support.apple.com/HT205375",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205375"
"name": "APPLE-SA-2015-10-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html"
},
{
"name" : "https://support.apple.com/HT205378",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205378"
"name": "https://support.apple.com/HT205375",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205375"
},
{
"name" : "APPLE-SA-2015-10-21-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html"
"name": "APPLE-SA-2015-10-21-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00003.html"
},
{
"name" : "APPLE-SA-2015-10-21-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00003.html"
"name": "https://support.apple.com/HT205370",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205370"
},
{
"name" : "APPLE-SA-2015-10-21-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
"name": "https://support.apple.com/HT205378",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205378"
},
{
"name" : "1033929",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033929"
"name": "1033929",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033929"
}
]
}

98
2015/7xxx/CVE-2015-7058.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7058",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2015-7058",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app."
"lang": "eng",
"value": "Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 improperly validate keychain item ACLs, which allows attackers to obtain access to keychain items via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT205635",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205635"
"name": "https://support.apple.com/HT205635",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205635"
},
{
"name" : "https://support.apple.com/HT205637",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205637"
"name": "https://support.apple.com/HT205637",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205637"
},
{
"name" : "https://support.apple.com/HT205640",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205640"
"name": "1034344",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034344"
},
{
"name" : "APPLE-SA-2015-12-08-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html"
"name": "APPLE-SA-2015-12-08-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
},
{
"name" : "APPLE-SA-2015-12-08-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html"
"name": "APPLE-SA-2015-12-08-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html"
},
{
"name" : "APPLE-SA-2015-12-08-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
"name": "https://support.apple.com/HT205640",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205640"
},
{
"name" : "1034344",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034344"
"name": "APPLE-SA-2015-12-08-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html"
}
]
}

98
2015/7xxx/CVE-2015-7061.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7061",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2015-7061",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7060."
"lang": "eng",
"value": "The ASN.1 decoder in Apple OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate, a different vulnerability than CVE-2015-7059 and CVE-2015-7060."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT205637",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205637"
"name": "https://support.apple.com/HT205637",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205637"
},
{
"name" : "https://support.apple.com/HT205640",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205640"
"name": "1034344",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034344"
},
{
"name" : "https://support.apple.com/HT205641",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205641"
"name": "APPLE-SA-2015-12-08-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html"
},
{
"name" : "APPLE-SA-2015-12-08-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html"
"name": "APPLE-SA-2015-12-08-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
},
{
"name" : "APPLE-SA-2015-12-08-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
"name": "https://support.apple.com/HT205641",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205641"
},
{
"name" : "APPLE-SA-2015-12-08-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html"
"name": "https://support.apple.com/HT205640",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205640"
},
{
"name" : "1034344",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034344"
"name": "APPLE-SA-2015-12-08-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html"
}
]
}

68
2015/7xxx/CVE-2015-7856.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7856",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7856",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "OpenNMS has a default password of rtc for the rtc account, which makes it easier for remote attackers to obtain access by leveraging knowledge of the credentials."
"lang": "eng",
"value": "OpenNMS has a default password of rtc for the rtc account, which makes it easier for remote attackers to obtain access by leveraging knowledge of the credentials."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.rapid7.com/db/modules/auxiliary/gather/opennms_xxe",
"refsource" : "MISC",
"url" : "http://www.rapid7.com/db/modules/auxiliary/gather/opennms_xxe"
"name": "http://www.opennms.org/wiki/CVE-2015-0975",
"refsource": "CONFIRM",
"url": "http://www.opennms.org/wiki/CVE-2015-0975"
},
{
"name" : "http://www.opennms.org/wiki/CVE-2015-0975",
"refsource" : "CONFIRM",
"url" : "http://www.opennms.org/wiki/CVE-2015-0975"
"name": "http://www.rapid7.com/db/modules/auxiliary/gather/opennms_xxe",
"refsource": "MISC",
"url": "http://www.rapid7.com/db/modules/auxiliary/gather/opennms_xxe"
}
]
}

74
2015/8xxx/CVE-2015-8021.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8021",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8021",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; and BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF11 and 11.3.0 allows remote authenticated users to upload files via uploadImage.php."
"lang": "eng",
"value": "Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; and BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF11 and 11.3.0 allows remote authenticated users to upload files via uploadImage.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html",
"refsource" : "CONFIRM",
"url" : "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html"
"name": "82340",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/82340"
},
{
"name" : "82340",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/82340"
"name": "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html",
"refsource": "CONFIRM",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html"
},
{
"name" : "1034781",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034781"
"name": "1034781",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034781"
}
]
}

74
2015/8xxx/CVE-2015-8458.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8458",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-8458",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in AGM.dll in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a multiple-layer PDF document, a different vulnerability than CVE-2015-6696 and CVE-2015-6698."
"lang": "eng",
"value": "Heap-based buffer overflow in AGM.dll in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a multiple-layer PDF document, a different vulnerability than CVE-2015-6696 and CVE-2015-6698."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-637",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-637"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-637",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-637"
},
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
"name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"name" : "79208",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/79208"
"name": "79208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79208"
}
]
}

62
2015/8xxx/CVE-2015-8707.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8707",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8707",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Password reset tokens in Magento CE before 1.9.2.2, and Magento EE before 1.14.2.2 are passed via a GET request and not canceled after use, which allows remote attackers to obtain user passwords via a crafted external service with access to the referrer field."
"lang": "eng",
"value": "Password reset tokens in Magento CE before 1.9.2.2, and Magento EE before 1.14.2.2 are passed via a GET request and not canceled after use, which allows remote attackers to obtain user passwords via a crafted external service with access to the referrer field."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://magento.com/security/patches/supee-6788",
"refsource" : "CONFIRM",
"url" : "https://magento.com/security/patches/supee-6788"
"name": "https://magento.com/security/patches/supee-6788",
"refsource": "CONFIRM",
"url": "https://magento.com/security/patches/supee-6788"
}
]
}

104
2015/8xxx/CVE-2015-8872.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8872",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8872",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an \"off-by-two error.\""
"lang": "eng",
"value": "The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an \"off-by-two error.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://blog.fuzzing-project.org/44-dosfstools-fsck.vfat-Several-invalid-memory-accesses.html",
"refsource" : "MISC",
"url" : "https://blog.fuzzing-project.org/44-dosfstools-fsck.vfat-Several-invalid-memory-accesses.html"
"name": "openSUSE-SU-2016:1461",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00001.html"
},
{
"name" : "https://github.com/dosfstools/dosfstools/commit/07908124838afcc99c577d1d3e84cef2dbd39cb7",
"refsource" : "CONFIRM",
"url" : "https://github.com/dosfstools/dosfstools/commit/07908124838afcc99c577d1d3e84cef2dbd39cb7"
"name": "https://github.com/dosfstools/dosfstools/releases/tag/v4.0",
"refsource": "CONFIRM",
"url": "https://github.com/dosfstools/dosfstools/releases/tag/v4.0"
},
{
"name" : "https://github.com/dosfstools/dosfstools/issues/12",
"refsource" : "CONFIRM",
"url" : "https://github.com/dosfstools/dosfstools/issues/12"
"name": "https://github.com/dosfstools/dosfstools/issues/12",
"refsource": "CONFIRM",
"url": "https://github.com/dosfstools/dosfstools/issues/12"
},
{
"name" : "https://github.com/dosfstools/dosfstools/releases/tag/v4.0",
"refsource" : "CONFIRM",
"url" : "https://github.com/dosfstools/dosfstools/releases/tag/v4.0"
"name": "https://blog.fuzzing-project.org/44-dosfstools-fsck.vfat-Several-invalid-memory-accesses.html",
"refsource": "MISC",
"url": "https://blog.fuzzing-project.org/44-dosfstools-fsck.vfat-Several-invalid-memory-accesses.html"
},
{
"name" : "openSUSE-SU-2016:1461",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-06/msg00001.html"
"name": "USN-2986-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2986-1"
},
{
"name" : "openSUSE-SU-2016:2233",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-09/msg00014.html"
"name": "https://github.com/dosfstools/dosfstools/commit/07908124838afcc99c577d1d3e84cef2dbd39cb7",
"refsource": "CONFIRM",
"url": "https://github.com/dosfstools/dosfstools/commit/07908124838afcc99c577d1d3e84cef2dbd39cb7"
},
{
"name" : "USN-2986-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2986-1"
"name": "openSUSE-SU-2016:2233",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00014.html"
},
{
"name" : "90311",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/90311"
"name": "90311",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90311"
}
]
}

68
2015/9xxx/CVE-2015-9272.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-9272",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-9272",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The videowhisper-video-presentation plugin 3.31.17 for WordPress allows remote attackers to execute arbitrary code because vp/vw_upload.php considers a file safe when \"html\" are the last four characters, as demonstrated by a .phtml file containing PHP code."
"lang": "eng",
"value": "The videowhisper-video-presentation plugin 3.31.17 for WordPress allows remote attackers to execute arbitrary code because vp/vw_upload.php considers a file safe when \"html\" are the last four characters, as demonstrated by a .phtml file containing PHP code."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.vapidlabs.com/advisory.php?v=117",
"refsource" : "MISC",
"url" : "http://www.vapidlabs.com/advisory.php?v=117"
"name": "http://www.vapidlabs.com/advisory.php?v=117",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=117"
},
{
"name" : "https://www.openwall.com/lists/oss-security/2015/04/01/2",
"refsource" : "MISC",
"url" : "https://www.openwall.com/lists/oss-security/2015/04/01/2"
"name": "https://www.openwall.com/lists/oss-security/2015/04/01/2",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2015/04/01/2"
}
]
}

62
2016/0xxx/CVE-2016-0304.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-0304",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0304",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, aka SPR KLYHA7MM3J. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-0920."
"lang": "eng",
"value": "The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, aka SPR KLYHA7MM3J. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-0920."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983328",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983328"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21983328",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983328"
}
]
}

68
2016/0xxx/CVE-2016-0557.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0557",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-0557",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Advanced Collections component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Administration, a different vulnerability than CVE-2016-0556."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Advanced Collections component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Administration, a different vulnerability than CVE-2016-0556."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name" : "1034726",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034726"
"name": "1034726",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034726"
}
]
}

74
2016/0xxx/CVE-2016-0688.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0688",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-0688",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via vectors related to Core Components."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via vectors related to Core Components."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
"name": "86469",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/86469"
},
{
"name" : "86469",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/86469"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name" : "1035615",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035615"
"name": "1035615",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035615"
}
]
}

74
2016/0xxx/CVE-2016-0788.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com",
"ID" : "CVE-2016-0788",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-0788",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The remoting module in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to execute arbitrary code by opening a JRMP listener."
"lang": "eng",
"value": "The remoting module in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to execute arbitrary code by opening a JRMP listener."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24",
"refsource" : "CONFIRM",
"url" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24"
"name": "RHSA-2016:0711",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:0711"
},
{
"name" : "RHSA-2016:0711",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:0711"
"name": "RHSA-2016:1773",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1773.html"
},
{
"name" : "RHSA-2016:1773",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1773.html"
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24",
"refsource": "CONFIRM",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24"
}
]
}

80
2016/1xxx/CVE-2016-1070.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1070",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1070",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-318",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-318"
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name" : "90512",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/90512"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-318",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-318"
},
{
"name" : "1035828",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035828"
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}

86
2016/1xxx/CVE-2016-1372.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1372",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1372",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file."
"lang": "eng",
"value": "ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/",
"refsource" : "MISC",
"url" : "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/"
"name": "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html",
"refsource": "CONFIRM",
"url": "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html"
},
{
"name" : "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html",
"refsource" : "CONFIRM",
"url" : "http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html"
"name": "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/",
"refsource": "MISC",
"url": "https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/"
},
{
"name" : "https://bugzilla.clamav.net/show_bug.cgi?id=11514",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.clamav.net/show_bug.cgi?id=11514"
"name": "93221",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93221"
},
{
"name" : "USN-3093-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-3093-1"
"name": "https://bugzilla.clamav.net/show_bug.cgi?id=11514",
"refsource": "CONFIRM",
"url": "https://bugzilla.clamav.net/show_bug.cgi?id=11514"
},
{
"name" : "93221",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93221"
"name": "USN-3093-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3093-1"
}
]
}

68
2016/1xxx/CVE-2016-1880.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1880",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1880",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to \"handling of Linux futex robust lists.\""
"lang": "eng",
"value": "The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to \"handling of Linux futex robust lists.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "FreeBSD-SA-16:03",
"refsource" : "FREEBSD",
"url" : "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:03.linux.asc"
"name": "1034675",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034675"
},
{
"name" : "1034675",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034675"
"name": "FreeBSD-SA-16:03",
"refsource": "FREEBSD",
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:03.linux.asc"
}
]
}

68
2016/1xxx/CVE-2016-1916.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1916",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1916",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote authenticated users to inject arbitrary web script or HTML by leveraging basic administrative access to create a crafted policy, leading to improper rendering on a certain Export IT screen."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote authenticated users to inject arbitrary web script or HTML by leveraging basic administrative access to create a crafted policy, leading to improper rendering on a certain Export IT screen."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.blackberry.com/btsc/KB38117",
"refsource" : "CONFIRM",
"url" : "http://www.blackberry.com/btsc/KB38117"
"name": "1035568",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035568"
},
{
"name" : "1035568",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035568"
"name": "http://www.blackberry.com/btsc/KB38117",
"refsource": "CONFIRM",
"url": "http://www.blackberry.com/btsc/KB38117"
}
]
}

206
2016/1xxx/CVE-2016-1960.json
View File

@ -1,181 +1,181 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1960",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2016-1960",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545."
"lang": "eng",
"value": "Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "42484",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/42484/"
"name": "openSUSE-SU-2016:0894",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"
},
{
"name" : "44294",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/44294/"
"name": "http://www.mozilla.org/security/announce/2016/mfsa2016-23.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2016/mfsa2016-23.html"
},
{
"name" : "http://zerodayinitiative.com/advisories/ZDI-16-198/",
"refsource" : "MISC",
"url" : "http://zerodayinitiative.com/advisories/ZDI-16-198/"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1246014",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1246014"
},
{
"name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-23.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-23.html"
"name": "SUSE-SU-2016:0820",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1246014",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1246014"
"name": "openSUSE-SU-2016:1767",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"name" : "DSA-3510",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3510"
"name": "openSUSE-SU-2016:0731",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"
},
{
"name" : "DSA-3520",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3520"
"name": "SUSE-SU-2016:0727",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"
},
{
"name" : "GLSA-201605-06",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201605-06"
"name": "openSUSE-SU-2016:1778",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"
},
{
"name" : "openSUSE-SU-2016:0894",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"
"name": "openSUSE-SU-2016:0876",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"
},
{
"name" : "openSUSE-SU-2016:1767",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html"
"name": "USN-2917-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2917-1"
},
{
"name" : "openSUSE-SU-2016:1769",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"
"name": "DSA-3520",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3520"
},
{
"name" : "openSUSE-SU-2016:1778",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html"
"name": "openSUSE-SU-2016:1769",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html"
},
{
"name" : "SUSE-SU-2016:0909",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"
"name": "44294",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44294/"
},
{
"name" : "SUSE-SU-2016:0727",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"
"name": "http://zerodayinitiative.com/advisories/ZDI-16-198/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-16-198/"
},
{
"name" : "SUSE-SU-2016:0777",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"
"name": "SUSE-SU-2016:0909",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"
},
{
"name" : "openSUSE-SU-2016:0731",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"
"name": "DSA-3510",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3510"
},
{
"name" : "openSUSE-SU-2016:0733",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"
"name": "openSUSE-SU-2016:0733",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"
},
{
"name" : "SUSE-SU-2016:0820",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"
"name": "1035215",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035215"
},
{
"name" : "openSUSE-SU-2016:0876",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"
"name": "SUSE-SU-2016:0777",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"
},
{
"name" : "USN-2917-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2917-2"
"name": "GLSA-201605-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-06"
},
{
"name" : "USN-2917-3",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2917-3"
"name": "USN-2934-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2934-1"
},
{
"name" : "USN-2934-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2934-1"
"name": "42484",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42484/"
},
{
"name" : "USN-2917-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2917-1"
"name": "USN-2917-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2917-2"
},
{
"name" : "1035215",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035215"
"name": "USN-2917-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2917-3"
}
]
}

86
2016/5xxx/CVE-2016-5204.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-5204",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-5204",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android",
"version" : {
"version_data" : [
"product_name": "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android",
"version": {
"version_data": [
{
"version_value" : "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android"
"version_value": "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page."
"lang": "eng",
"value": "Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "object corruption"
"lang": "eng",
"value": "object corruption"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html",
"refsource" : "CONFIRM",
"url" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html"
"name": "RHSA-2016:2919",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2919.html"
},
{
"name" : "https://crbug.com/630870",
"refsource" : "CONFIRM",
"url" : "https://crbug.com/630870"
"name": "https://crbug.com/630870",
"refsource": "CONFIRM",
"url": "https://crbug.com/630870"
},
{
"name" : "GLSA-201612-11",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201612-11"
"name": "94633",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94633"
},
{
"name" : "RHSA-2016:2919",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2919.html"
"name": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html"
},
{
"name" : "94633",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94633"
"name": "GLSA-201612-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-11"
}
]
}

104
2016/5xxx/CVE-2016-5260.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5260",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2016-5260",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Mozilla Firefox before 48.0 mishandles changes from 'INPUT type=\"password\"' to 'INPUT type=\"text\"' within a single Session Manager session, which might allow attackers to discover cleartext passwords by reading a session restoration file."
"lang": "eng",
"value": "Mozilla Firefox before 48.0 mishandles changes from 'INPUT type=\"password\"' to 'INPUT type=\"text\"' within a single Session Manager session, which might allow attackers to discover cleartext passwords by reading a session restoration file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-74.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-74.html"
"name": "http://www.mozilla.org/security/announce/2016/mfsa2016-74.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2016/mfsa2016-74.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1280294",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1280294"
"name": "1036508",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036508"
},
{
"name" : "GLSA-201701-15",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-15"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1280294",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1280294"
},
{
"name" : "openSUSE-SU-2016:1964",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"
"name": "USN-3044-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3044-1"
},
{
"name" : "openSUSE-SU-2016:2026",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"
"name": "92260",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92260"
},
{
"name" : "USN-3044-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-3044-1"
"name": "GLSA-201701-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-15"
},
{
"name" : "92260",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92260"
"name": "openSUSE-SU-2016:1964",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"
},
{
"name" : "1036508",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036508"
"name": "openSUSE-SU-2016:2026",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"
}
]
}

68
2016/5xxx/CVE-2016-5393.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@apache.org",
"ID" : "CVE-2016-5393",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-5393",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Apache Hadoop",
"version" : {
"version_data" : [
"product_name": "Apache Hadoop",
"version": {
"version_data": [
{
"version_value" : "Apache Hadoop 2.6.x before 2.6.5, 2.7.x before 2.7.3"
"version_value": "Apache Hadoop 2.6.x before 2.6.5, 2.7.x before 2.7.3"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with the HDFS NameNode can possibly run arbitrary commands with the same privileges as the HDFS service."
"lang": "eng",
"value": "In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with the HDFS NameNode can possibly run arbitrary commands with the same privileges as the HDFS service."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "arbitrary command execution"
"lang": "eng",
"value": "arbitrary command execution"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://mail-archives.apache.org/mod_mbox/hadoop-general/201611.mbox/%3CCAA0W1bTbUmUUSF1rjRpX-2DvWutcrPt7TJSWUcSLg1F0gyHG1Q%40mail.gmail.com%3E",
"refsource" : "CONFIRM",
"url" : "http://mail-archives.apache.org/mod_mbox/hadoop-general/201611.mbox/%3CCAA0W1bTbUmUUSF1rjRpX-2DvWutcrPt7TJSWUcSLg1F0gyHG1Q%40mail.gmail.com%3E"
"name": "http://mail-archives.apache.org/mod_mbox/hadoop-general/201611.mbox/%3CCAA0W1bTbUmUUSF1rjRpX-2DvWutcrPt7TJSWUcSLg1F0gyHG1Q%40mail.gmail.com%3E",
"refsource": "CONFIRM",
"url": "http://mail-archives.apache.org/mod_mbox/hadoop-general/201611.mbox/%3CCAA0W1bTbUmUUSF1rjRpX-2DvWutcrPt7TJSWUcSLg1F0gyHG1Q%40mail.gmail.com%3E"
},
{
"name" : "94574",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94574"
"name": "94574",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94574"
}
]
}

68
2016/5xxx/CVE-2016-5801.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"ID" : "CVE-2016-5801",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-5801",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "OmniMetrix OmniView 1.2",
"version" : {
"version_data" : [
"product_name": "OmniMetrix OmniView 1.2",
"version": {
"version_data": [
{
"version_value" : "OmniMetrix OmniView 1.2"
"version_value": "OmniMetrix OmniView 1.2"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in OmniMetrix OmniView, Version 1.2. Insufficient password requirements for the OmniView web application may allow an attacker to gain access by brute forcing account passwords."
"lang": "eng",
"value": "An issue was discovered in OmniMetrix OmniView, Version 1.2. Insufficient password requirements for the OmniView web application may allow an attacker to gain access by brute forcing account passwords."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "OmniMetrix OmniView Insufficient password requirements"
"lang": "eng",
"value": "OmniMetrix OmniView Insufficient password requirements"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-350-02",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-350-02"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-350-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-350-02"
},
{
"name" : "94937",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94937"
"name": "94937",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94937"
}
]
}

22
2016/5xxx/CVE-2016-5989.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5989",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5989",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2019/0xxx/CVE-2019-0005.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"ID" : "CVE-2019-0005",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"ID": "CVE-2019-0005",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS on EX and QFX series;: 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R7; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 series; 15.1X53 versions prior to 15.1X53-D591 on EX2300/EX3400 series; 16.1 versions prior to 16.1R7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R2."
"lang": "eng",
"value": "On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS on EX and QFX series;: 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1R7; 15.1X53 versions prior to 15.1X53-D234 on QFX5200/QFX5110 series; 15.1X53 versions prior to 15.1X53-D591 on EX2300/EX3400 series; 16.1 versions prior to 16.1R7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R2."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://kb.juniper.net/JSA10905",
"refsource" : "CONFIRM",
"url" : "https://kb.juniper.net/JSA10905"
"name": "106665",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106665"
},
{
"name" : "106665",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106665"
"name": "https://kb.juniper.net/JSA10905",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10905"
}
]
}

22
2019/0xxx/CVE-2019-0131.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0131",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0131",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

70
2019/0xxx/CVE-2019-0187.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@apache.org",
"DATE_PUBLIC" : "2019-03-02T00:00:00",
"ID" : "CVE-2019-0187",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2019-03-02T00:00:00",
"ID": "CVE-2019-0187",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Apache JMeter",
"version" : {
"version_data" : [
"product_name": "Apache JMeter",
"version": {
"version_data": [
{
"version_value" : "Apache JMeter 4.0 to 5.0"
"version_value": "Apache JMeter 4.0 to 5.0"
}
]
}
}
]
},
"vendor_name" : "Apache Software Foundation"
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unauthenticated RCE is possible when JMeter is used in distributed mode (-r or -R command line options). Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed mode. Note that versions before 4.0 are not able to encrypt traffic between the nodes, nor authenticate the participating nodes so upgrade to JMeter 5.1 is also advised."
"lang": "eng",
"value": "Unauthenticated RCE is possible when JMeter is used in distributed mode (-r or -R command line options). Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed mode. Note that versions before 4.0 are not able to encrypt traffic between the nodes, nor authenticate the participating nodes so upgrade to JMeter 5.1 is also advised."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Unauthenticated RCE"
"lang": "eng",
"value": "Unauthenticated RCE"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[jmeter-user] 20190302 [SECURITY] CVE-2019-0187: Apache JMeter Missing client auth for RMI connection when distributed test is used",
"refsource" : "MLIST",
"url" : "http://mail-archives.apache.org/mod_mbox/jmeter-user/201903.mbox/%3CCAH9fUpaUQaFbgY1Zh4OvKSL4wdvGAmVt%2Bn4fegibDoAxK5XARw%40mail.gmail.com%3E"
"name": "107219",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107219"
},
{
"name" : "107219",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107219"
"name": "[jmeter-user] 20190302 [SECURITY] CVE-2019-0187: Apache JMeter Missing client auth for RMI connection when distributed test is used",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/jmeter-user/201903.mbox/%3CCAH9fUpaUQaFbgY1Zh4OvKSL4wdvGAmVt%2Bn4fegibDoAxK5XARw%40mail.gmail.com%3E"
}
]
}

22
2019/0xxx/CVE-2019-0334.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0334",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0334",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2019/0xxx/CVE-2019-0606.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0606",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0606",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'."
"lang": "eng",
"value": "A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0606",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0606"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0606",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0606"
},
{
"name" : "106859",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106859"
"name": "106859",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106859"
}
]
}

22
2019/1xxx/CVE-2019-1253.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1253",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1253",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1922.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1922",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1922",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4151.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4151",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4151",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4299.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4299",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4299",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4481.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4481",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4481",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4552.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4552",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4552",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2019/5xxx/CVE-2019-5006.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5006",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5006",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is a NULL pointer dereference during PDF parsing."
"lang": "eng",
"value": "An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is a NULL pointer dereference during PDF parsing."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource" : "CONFIRM",
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php"
"name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource": "CONFIRM",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}
]
}

22
2019/5xxx/CVE-2019-5614.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5614",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5614",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5734.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5734",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5734",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5848.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5848",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5848",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8291.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8291",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8291",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8324.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8324",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8324",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8734.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8734",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8734",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8952.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8952",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8952",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2019/9xxx/CVE-2019-9075.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9075",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9075",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c."
"lang": "eng",
"value": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=24236",
"refsource" : "MISC",
"url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=24236"
"name": "https://security.netapp.com/advisory/ntap-20190314-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190314-0003/"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20190314-0003/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20190314-0003/"
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=24236",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24236"
}
]
}

22
2019/9xxx/CVE-2019-9381.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9381",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9381",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2019/9xxx/CVE-2019-9751.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9751",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9751",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in Open Ticket Request System (OTRS) 6.x before 6.0.17 and 7.x before 7.0.5. An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS. This is related to Kernel/Output/Template/Document.pm."
"lang": "eng",
"value": "An issue was discovered in Open Ticket Request System (OTRS) 6.x before 6.0.17 and 7.x before 7.0.5. An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS. This is related to Kernel/Output/Template/Document.pm."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework",
"refsource" : "MISC",
"url" : "https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework"
"name": "https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework",
"refsource": "MISC",
"url": "https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework"
}
]
}