admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:15:45 +00:00
parent b272d490c7
commit fef34a06bf
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
54 changed files with 3140 additions and 3140 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
1999/0xxx/CVE-1999-0959.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0959",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0959",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IRIX startmidi program allows local users to modify arbitrary files via a symlink attack."
"lang": "eng",
"value": "IRIX startmidi program allows local users to modify arbitrary files via a symlink attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "19980301-01-PX",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/19980301-01-PX"
"name": "19980301-01-PX",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980301-01-PX"
},
{
"name" : "469",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/469"
"name": "469",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/469"
},
{
"name" : "8447",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/8447"
"name": "irix-startmidi-file-creation(1634)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1634"
},
{
"name" : "irix-startmidi-file-creation(1634)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1634"
"name": "8447",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/8447"
}
]
}

98
2007/0xxx/CVE-2007-0175.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0175",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0175",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirect_to parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirect_to parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=410568",
"refsource" : "CONFIRM",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=410568"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=410568",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=410568"
},
{
"name" : "DSA-1568",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1568"
"name": "30093",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30093"
},
{
"name" : "21953",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21953"
"name": "DSA-1568",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1568"
},
{
"name" : "32027",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32027"
"name": "32027",
"refsource": "OSVDB",
"url": "http://osvdb.org/32027"
},
{
"name" : "23656",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23656"
"name": "b2evolution-login-xss(31368)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31368"
},
{
"name" : "30093",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30093"
"name": "21953",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21953"
},
{
"name" : "b2evolution-login-xss(31368)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31368"
"name": "23656",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23656"
}
]
}

128
2007/0xxx/CVE-2007-0221.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0221",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2007-0221",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the \"IMAP Literal Processing Vulnerability.\""
"lang": "eng",
"value": "Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the \"IMAP Literal Processing Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070508 Microsoft Exchange Server 2000 IMAP Literal Processing DoS Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=526"
"name": "HPSBST02214",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
},
{
"name" : "HPSBST02214",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
"name": "1018015",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018015"
},
{
"name" : "SSRT071422",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
"name": "MS07-026",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-026"
},
{
"name" : "MS07-026",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-026"
"name": "exchange-imap-command-dos(33890)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33890"
},
{
"name" : "TA07-128A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-128A.html"
"name": "SSRT071422",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
},
{
"name" : "23810",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23810"
"name": "23810",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23810"
},
{
"name" : "ADV-2007-1711",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1711"
"name": "25183",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25183"
},
{
"name" : "34392",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34392"
"name": "TA07-128A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html"
},
{
"name" : "oval:org.mitre.oval:def:2054",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2054"
"name": "oval:org.mitre.oval:def:2054",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2054"
},
{
"name" : "1018015",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018015"
"name": "ADV-2007-1711",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1711"
},
{
"name" : "25183",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25183"
"name": "20070508 Microsoft Exchange Server 2000 IMAP Literal Processing DoS Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=526"
},
{
"name" : "exchange-imap-command-dos(33890)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33890"
"name": "34392",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34392"
}
]
}

80
2007/0xxx/CVE-2007-0504.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0504",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0504",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and possibly other scripts, allows remote attackers to execute arbitrary code via the poll_id parameter, which is supplied to an eval function call, a different vulnerability type than CVE-2005-4632."
"lang": "eng",
"value": "Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and possibly other scripts, allows remote attackers to execute arbitrary code via the poll_id parameter, which is supplied to an eval function call, a different vulnerability type than CVE-2005-4632."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "3180",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3180"
"name": "ADV-2007-0300",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0300"
},
{
"name" : "ADV-2007-0300",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0300"
"name": "31606",
"refsource": "OSVDB",
"url": "http://osvdb.org/31606"
},
{
"name" : "31606",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/31606"
"name": "3180",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3180"
},
{
"name" : "23834",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23834"
"name": "23834",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23834"
}
]
}

92
2007/1xxx/CVE-2007-1102.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1102",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1102",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Photostand 1.2.0 allows remote attackers to obtain sensitive information via a ' (quote) character in (1) a PHPSESSID cookie or (2) the id parameter in an article action in index.php, which reveal the path in various error messages."
"lang": "eng",
"value": "Photostand 1.2.0 allows remote attackers to obtain sensitive information via a ' (quote) character in (1) a PHPSESSID cookie or (2) the id parameter in an article action in index.php, which reveal the path in various error messages."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070224 Photostand_1.2.0 Multiple Cross Site Scripting",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/461150/100/0/threaded"
"name": "2296",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2296"
},
{
"name" : "ADV-2007-0752",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0752"
"name": "33774",
"refsource": "OSVDB",
"url": "http://osvdb.org/33774"
},
{
"name" : "33774",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33774"
"name": "ADV-2007-0752",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0752"
},
{
"name" : "33775",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33775"
"name": "33775",
"refsource": "OSVDB",
"url": "http://osvdb.org/33775"
},
{
"name" : "2296",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2296"
"name": "photostand-index-path-disclosure(32702)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32702"
},
{
"name" : "photostand-index-path-disclosure(32702)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32702"
"name": "20070224 Photostand_1.2.0 Multiple Cross Site Scripting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/461150/100/0/threaded"
}
]
}

86
2007/1xxx/CVE-2007-1130.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1130",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1130",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in sinagb.php in Sinapis Gastebuch 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the fuss parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in sinagb.php in Sinapis Gastebuch 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the fuss parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "3366",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3366"
"name": "3366",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3366"
},
{
"name" : "22696",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22696"
"name": "sinapis-gastebuch-sinagb-file-include(32657)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32657"
},
{
"name" : "ADV-2007-0737",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0737"
"name": "37007",
"refsource": "OSVDB",
"url": "http://osvdb.org/37007"
},
{
"name" : "37007",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37007"
"name": "22696",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22696"
},
{
"name" : "sinapis-gastebuch-sinagb-file-include(32657)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32657"
"name": "ADV-2007-0737",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0737"
}
]
}

134
2007/1xxx/CVE-2007-1214.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1214",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2007-1214",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted AutoFilter filter record in an Excel BIFF8 format XLS file, which triggers memory corruption."
"lang": "eng",
"value": "Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted AutoFilter filter record in an Excel BIFF8 format XLS file, which triggers memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070508 Microsoft Excel Filter Record Code Execution Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=527"
"name": "HPSBST02214",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
},
{
"name" : "HPSBST02214",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
"name": "SSRT071422",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
},
{
"name" : "SSRT071422",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
"name": "excel-autofilter-code-execution(33915)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33915"
},
{
"name" : "MS07-023",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-023"
"name": "TA07-128A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html"
},
{
"name" : "TA07-128A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-128A.html"
"name": "MS07-023",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-023"
},
{
"name" : "VU#253825",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/253825"
"name": "VU#253825",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/253825"
},
{
"name" : "23780",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23780"
"name": "20070508 Microsoft Excel Filter Record Code Execution Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=527"
},
{
"name" : "ADV-2007-1708",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1708"
"name": "ADV-2007-1708",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1708"
},
{
"name" : "34395",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34395"
"name": "1018012",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018012"
},
{
"name" : "oval:org.mitre.oval:def:2064",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2064"
"name": "oval:org.mitre.oval:def:2064",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2064"
},
{
"name" : "1018012",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018012"
"name": "34395",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34395"
},
{
"name" : "25150",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25150"
"name": "23780",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23780"
},
{
"name" : "excel-autofilter-code-execution(33915)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33915"
"name": "25150",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25150"
}
]
}

80
2007/1xxx/CVE-2007-1815.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1815",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1815",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in viewcat.php in the Library module for Xoops allows remote attackers to execute arbitrary SQL commands via the cid parameter."
"lang": "eng",
"value": "SQL injection vulnerability in viewcat.php in the Library module for Xoops allows remote attackers to execute arbitrary SQL commands via the cid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "3619",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3619"
"name": "23229",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23229"
},
{
"name" : "23229",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23229"
"name": "3619",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3619"
},
{
"name" : "34468",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34468"
"name": "34468",
"refsource": "OSVDB",
"url": "http://osvdb.org/34468"
},
{
"name" : "xoops-library-viewcat-sql-injection(33366)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33366"
"name": "xoops-library-viewcat-sql-injection(33366)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33366"
}
]
}

22
2007/1xxx/CVE-2007-1875.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1875",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1875",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

98
2007/5xxx/CVE-2007-5133.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5133",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5133",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png."
"lang": "eng",
"value": "Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070925 Possible Windows Explorer bad PNG file preview integer overflow handling",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/480594/100/0/threaded"
"name": "20070925 Possible Windows Explorer bad PNG file preview integer overflow handling",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480594/100/0/threaded"
},
{
"name" : "20070926 Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/480706/100/0/threaded"
"name": "20070927 Re: Possible Windows Explorer bad PNG file preview integer overflow handling",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480854/100/0/threaded"
},
{
"name" : "20070927 Re: Possible Windows Explorer bad PNG file preview integer overflow handling",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/480854/100/0/threaded"
"name": "20070926 Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480706/100/0/threaded"
},
{
"name" : "20070927 Re: Re: Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/480827/100/0/threaded"
"name": "20070927 Re: Re: Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480827/100/0/threaded"
},
{
"name" : "20070927 Re: Re: Re: Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/480864/100/0/threaded"
"name": "25816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25816"
},
{
"name" : "25816",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25816"
"name": "45521",
"refsource": "OSVDB",
"url": "http://osvdb.org/45521"
},
{
"name" : "45521",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/45521"
"name": "20070927 Re: Re: Re: Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480864/100/0/threaded"
}
]
}

110
2007/5xxx/CVE-2007-5520.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5520",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5520",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8 and 9.2.0.8DV, and Oracle Application Server 9.0.4.3, 10.1.3.0.0 up to 10.1.3.3.0, and 10.1.2.0.1 up to 10.1.2.2.0, has unknown impact and remote attack vectors, aka AS05."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8 and 9.2.0.8DV, and Oracle Application Server 9.0.4.3, 10.1.3.0.0 up to 10.1.3.3.0, and 10.1.2.0.1 up to 10.1.2.2.0, has unknown impact and remote attack vectors, aka AS05."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html"
},
{
"name" : "HPSBMA02133",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
"name": "ADV-2007-3524",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3524"
},
{
"name" : "SSRT061201",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
"name": "ADV-2007-3626",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3626"
},
{
"name" : "TA07-290A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-290A.html"
"name": "TA07-290A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-290A.html"
},
{
"name" : "ADV-2007-3524",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3524"
"name": "SSRT061201",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
},
{
"name" : "ADV-2007-3626",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3626"
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
},
{
"name" : "1018823",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018823"
"name": "1018823",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018823"
},
{
"name" : "27251",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27251"
"name": "27409",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27409"
},
{
"name" : "27409",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27409"
"name": "27251",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27251"
}
]
}

140
2007/5xxx/CVE-2007-5642.json
View File

@ -1,126 +1,126 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5642",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5642",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the def_lang parameter to modules/files/list.php; the m_path parameter to (2) modules/projects/summary.inc.php or (3) modules/tasks/summary.inc.php; (4) the module parameter to modules/projects/list.php; or the module parameter to index.php in the (5) certinfo, (6) emails, (7) events, (8) fax, (9) files, (10) groupadm, (11) history, (12) info, (13) log, (14) mail, (15) messages, (16) organizations, (17) phones, (18) presence, (19) projects, (20) reports, (21) search, (22) snf, (23) syslog, (24) tasks, or (25) useradm subdirectory of modules/."
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the def_lang parameter to modules/files/list.php; the m_path parameter to (2) modules/projects/summary.inc.php or (3) modules/tasks/summary.inc.php; (4) the module parameter to modules/projects/list.php; or the module parameter to index.php in the (5) certinfo, (6) emails, (7) events, (8) fax, (9) files, (10) groupadm, (11) history, (12) info, (13) log, (14) mail, (15) messages, (16) organizations, (17) phones, (18) presence, (19) projects, (20) reports, (21) search, (22) snf, (23) syslog, (24) tasks, or (25) useradm subdirectory of modules/."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4549",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4549"
"name": "4549",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4549"
},
{
"name" : "26148",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26148"
"name": "41951",
"refsource": "OSVDB",
"url": "http://osvdb.org/41951"
},
{
"name" : "41951",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41951"
"name": "41954",
"refsource": "OSVDB",
"url": "http://osvdb.org/41954"
},
{
"name" : "41954",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41954"
"name": "phpprojectmanagement-module-file-include(37348)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37348"
},
{
"name" : "41955",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41955"
"name": "41975",
"refsource": "OSVDB",
"url": "http://osvdb.org/41975"
},
{
"name" : "41956",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41956"
"name": "41972",
"refsource": "OSVDB",
"url": "http://osvdb.org/41972"
},
{
"name" : "41960",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41960"
"name": "41955",
"refsource": "OSVDB",
"url": "http://osvdb.org/41955"
},
{
"name" : "41963",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41963"
"name": "41970",
"refsource": "OSVDB",
"url": "http://osvdb.org/41970"
},
{
"name" : "41970",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41970"
"name": "41960",
"refsource": "OSVDB",
"url": "http://osvdb.org/41960"
},
{
"name" : "41972",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41972"
"name": "41956",
"refsource": "OSVDB",
"url": "http://osvdb.org/41956"
},
{
"name" : "41974",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41974"
"name": "41974",
"refsource": "OSVDB",
"url": "http://osvdb.org/41974"
},
{
"name" : "41975",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41975"
"name": "41963",
"refsource": "OSVDB",
"url": "http://osvdb.org/41963"
},
{
"name" : "27347",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27347"
"name": "26148",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26148"
},
{
"name" : "phpprojectmanagement-module-file-include(37348)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37348"
"name": "27347",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27347"
}
]
}

98
2007/5xxx/CVE-2007-5661.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5661",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5661",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Macrovision InstallShield InstallScript One-Click Install (OCI) ActiveX control 12.0 before SP2 does not validate the DLL files that are named as parameters to the control, which allows remote attackers to download arbitrary library code onto a client machine."
"lang": "eng",
"value": "The Macrovision InstallShield InstallScript One-Click Install (OCI) ActiveX control 12.0 before SP2 does not validate the DLL files that are named as parameters to the control, which allows remote attackers to download arbitrary library code onto a client machine."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080331 Macrovision InstallShield InstallScript One-Click Install Untrusted Library Loading Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=649"
"name": "1019735",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019735"
},
{
"name" : "http://knowledge.macrovision.com/selfservice/microsites/search.do?cmd=displayKC&externalId=Q113640",
"refsource" : "CONFIRM",
"url" : "http://knowledge.macrovision.com/selfservice/microsites/search.do?cmd=displayKC&externalId=Q113640"
"name": "http://knowledge.macrovision.com/selfservice/microsites/search.do?cmd=displayKC&externalId=Q113640",
"refsource": "CONFIRM",
"url": "http://knowledge.macrovision.com/selfservice/microsites/search.do?cmd=displayKC&externalId=Q113640"
},
{
"name" : "28533",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/28533"
"name": "installshield-oneclick-code-execution(41558)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41558"
},
{
"name" : "ADV-2008-1049",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/1049"
"name": "28533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28533"
},
{
"name" : "1019735",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1019735"
"name": "20080331 Macrovision InstallShield InstallScript One-Click Install Untrusted Library Loading Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=649"
},
{
"name" : "29549",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29549"
"name": "29549",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29549"
},
{
"name" : "installshield-oneclick-code-execution(41558)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41558"
"name": "ADV-2008-1049",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1049"
}
]
}

134
2015/3xxx/CVE-2015-3044.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3044",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-3044",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors."
"lang": "eng",
"value": "Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html"
"name": "SUSE-SU-2015:0878",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html"
},
{
"name" : "GLSA-201504-07",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201504-07"
"name": "openSUSE-SU-2015:0890",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html"
},
{
"name" : "GLSA-201505-02",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201505-02"
"name": "74065",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74065"
},
{
"name" : "RHSA-2015:0813",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0813.html"
"name": "openSUSE-SU-2015:0718",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html"
},
{
"name" : "SUSE-SU-2015:0722",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html"
"name": "SUSE-SU-2015:0722",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html"
},
{
"name" : "SUSE-SU-2015:0723",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html"
"name": "GLSA-201505-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201505-02"
},
{
"name" : "openSUSE-SU-2015:0718",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html"
"name": "GLSA-201504-07",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201504-07"
},
{
"name" : "SUSE-SU-2015:0878",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html"
"name": "1032105",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032105"
},
{
"name" : "openSUSE-SU-2015:0890",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html"
"name": "RHSA-2015:0813",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0813.html"
},
{
"name" : "openSUSE-SU-2015:0914",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html"
"name": "openSUSE-SU-2015:0914",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html"
},
{
"name" : "openSUSE-SU-2015:0725",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html"
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html"
},
{
"name" : "74065",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74065"
"name": "openSUSE-SU-2015:0725",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html"
},
{
"name" : "1032105",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032105"
"name": "SUSE-SU-2015:0723",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html"
}
]
}

80
2015/3xxx/CVE-2015-3059.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3059",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-3059",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3055, and CVE-2015-3075."
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3055, and CVE-2015-3075."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-212",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-212"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-212",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-212"
},
{
"name" : "https://helpx.adobe.com/security/products/reader/apsb15-10.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
"name": "https://helpx.adobe.com/security/products/reader/apsb15-10.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"name" : "74602",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74602"
"name": "1032284",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032284"
},
{
"name" : "1032284",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032284"
"name": "74602",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74602"
}
]
}

22
2015/3xxx/CVE-2015-3312.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3312",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3312",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2015/3xxx/CVE-2015-3941.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3941",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-3941",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none."
}
]
}

68
2015/4xxx/CVE-2015-4158.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4158",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4158",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SAP ABAP & Java Server allows remote attackers to cause a denial of service (service termination) via unspecified vectors, aka SAP Security Note 2121661."
"lang": "eng",
"value": "SAP ABAP & Java Server allows remote attackers to cause a denial of service (service termination) via unspecified vectors, aka SAP Security Note 2121661."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150522 SAP Security Notes May 2015",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/May/96"
"name": "74799",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74799"
},
{
"name" : "74799",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74799"
"name": "20150522 SAP Security Notes May 2015",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/May/96"
}
]
}

122
2015/7xxx/CVE-2015-7223.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7223",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2015-7223",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted web site."
"lang": "eng",
"value": "The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-148.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-148.html"
"name": "GLSA-201512-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201512-10"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1226423",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1226423"
"name": "openSUSE-SU-2015:2353",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html"
},
{
"name" : "FEDORA-2015-51b1105902",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html"
"name": "openSUSE-SU-2016:0308",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html"
},
{
"name" : "FEDORA-2015-7ab3d3afcf",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html"
"name": "FEDORA-2015-7ab3d3afcf",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html"
},
{
"name" : "GLSA-201512-10",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201512-10"
"name": "USN-2833-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2833-1"
},
{
"name" : "openSUSE-SU-2016:0307",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1226423",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1226423"
},
{
"name" : "openSUSE-SU-2016:0308",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html"
"name": "79280",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79280"
},
{
"name" : "openSUSE-SU-2015:2353",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html"
"name": "http://www.mozilla.org/security/announce/2015/mfsa2015-148.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-148.html"
},
{
"name" : "USN-2833-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2833-1"
"name": "openSUSE-SU-2016:0307",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html"
},
{
"name" : "79280",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/79280"
"name": "FEDORA-2015-51b1105902",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html"
},
{
"name" : "1034426",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034426"
"name": "1034426",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034426"
}
]
}

22
2015/7xxx/CVE-2015-7572.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7572",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-7572",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0237. Reason: This candidate is a duplicate of CVE-2013-0237. Notes: All CVE users should reference CVE-2013-0237 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0237. Reason: This candidate is a duplicate of CVE-2013-0237. Notes: All CVE users should reference CVE-2013-0237 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

74
2015/8xxx/CVE-2015-8542.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8542",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8542",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The \"getprivkeybyid\" API call is used to download a PGP Private Key for a specific user after providing authentication credentials. Clients provide the \"id\" and \"cid\" parameter to specify the current user by its user- and context-ID. The \"auth\" parameter contains a hashed password string which gets created by the client by asking the user to enter his or her OX Guard password. This parameter is used as single point of authentication when accessing PGP Private Keys. In case a user has set the same password as another user, it is possible to download another user's PGP Private Key by iterating the \"id\" and \"cid\" parameters. This kind of attack would also be able by brute-forcing login credentials, but since the \"id\" and \"cid\" parameters are sequential they are much easier to predict than a user's login name. At the same time, there are some obvious insecure standard passwords that are widely used. A attacker could send the hashed representation of typically weak passwords and randomly fetch Private Key of matching accounts. The attack can be executed by both internal users and \"guests\" which use the external mail reader."
"lang": "eng",
"value": "An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The \"getprivkeybyid\" API call is used to download a PGP Private Key for a specific user after providing authentication credentials. Clients provide the \"id\" and \"cid\" parameter to specify the current user by its user- and context-ID. The \"auth\" parameter contains a hashed password string which gets created by the client by asking the user to enter his or her OX Guard password. This parameter is used as single point of authentication when accessing PGP Private Keys. In case a user has set the same password as another user, it is possible to download another user's PGP Private Key by iterating the \"id\" and \"cid\" parameters. This kind of attack would also be able by brute-forcing login credentials, but since the \"id\" and \"cid\" parameters are sequential they are much easier to predict than a user's login name. At the same time, there are some obvious insecure standard passwords that are widely used. A attacker could send the hashed representation of typically weak passwords and randomly fetch Private Key of matching accounts. The attack can be executed by both internal users and \"guests\" which use the external mail reader."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20160302 Open-Xchange Security Advisory 2016-03-02",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/537678/100/0/threaded"
"name": "20160302 Open-Xchange Security Advisory 2016-03-02",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537678/100/0/threaded"
},
{
"name" : "http://packetstormsecurity.com/files/136069/Open-Xchange-Guard-2.2.0-2.0-Private-Key-Disclosure.html",
"refsource" : "CONFIRM",
"url" : "http://packetstormsecurity.com/files/136069/Open-Xchange-Guard-2.2.0-2.0-Private-Key-Disclosure.html"
"name": "1035174",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035174"
},
{
"name" : "1035174",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035174"
"name": "http://packetstormsecurity.com/files/136069/Open-Xchange-Guard-2.2.0-2.0-Private-Key-Disclosure.html",
"refsource": "CONFIRM",
"url": "http://packetstormsecurity.com/files/136069/Open-Xchange-Guard-2.2.0-2.0-Private-Key-Disclosure.html"
}
]
}

98
2015/8xxx/CVE-2015-8720.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8720",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8720",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
"lang": "eng",
"value": "The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-39.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-39.html"
"name": "DSA-3505",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3505"
},
{
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=921bb07115fbffc081ec56a5022b4a9d58db6d39",
"refsource" : "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=921bb07115fbffc081ec56a5022b4a9d58db6d39"
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=921bb07115fbffc081ec56a5022b4a9d58db6d39",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=921bb07115fbffc081ec56a5022b4a9d58db6d39"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
"name": "79814",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79814"
},
{
"name" : "DSA-3505",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3505"
"name": "http://www.wireshark.org/security/wnpa-sec-2015-39.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2015-39.html"
},
{
"name" : "GLSA-201604-05",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201604-05"
"name": "GLSA-201604-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-05"
},
{
"name" : "79814",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/79814"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name" : "1034551",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034551"
"name": "1034551",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034551"
}
]
}

80
2015/8xxx/CVE-2015-8861.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8861",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8861",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The handlebars package before 4.0.0 for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted."
"lang": "eng",
"value": "The handlebars package before 4.0.0 for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160420 various vulnerabilities in Node.js packages",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/04/20/11"
"name": "https://www.tenable.com/security/tns-2016-18",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2016-18"
},
{
"name" : "https://www.sourceclear.com/blog/handlebars_vulnerability_research_findings/",
"refsource" : "MISC",
"url" : "https://www.sourceclear.com/blog/handlebars_vulnerability_research_findings/"
"name": "https://www.sourceclear.com/blog/handlebars_vulnerability_research_findings/",
"refsource": "MISC",
"url": "https://www.sourceclear.com/blog/handlebars_vulnerability_research_findings/"
},
{
"name" : "https://www.tenable.com/security/tns-2016-18",
"refsource" : "CONFIRM",
"url" : "https://www.tenable.com/security/tns-2016-18"
"name": "96434",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96434"
},
{
"name" : "96434",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96434"
"name": "[oss-security] 20160420 various vulnerabilities in Node.js packages",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/04/20/11"
}
]
}

68
2016/0xxx/CVE-2016-0147.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0147",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-0147",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft XML Core Services 3.0 allows remote attackers to execute arbitrary code via a crafted web site, aka \"MSXML 3.0 Remote Code Execution Vulnerability.\""
"lang": "eng",
"value": "Microsoft XML Core Services 3.0 allows remote attackers to execute arbitrary code via a crafted web site, aka \"MSXML 3.0 Remote Code Execution Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS16-040",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-040"
"name": "1035523",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035523"
},
{
"name" : "1035523",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035523"
"name": "MS16-040",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-040"
}
]
}

80
2016/0xxx/CVE-2016-0170.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0170",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-0170",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka \"Windows Graphics Component RCE Vulnerability.\""
"lang": "eng",
"value": "GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka \"Windows Graphics Component RCE Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.com/files/137096/Microsoft-Windows-gdi32.dll-ExtEscape-Buffer-Overflow.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/137096/Microsoft-Windows-gdi32.dll-ExtEscape-Buffer-Overflow.html"
"name": "1035823",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035823"
},
{
"name" : "MS16-055",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-055"
"name": "MS16-055",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-055"
},
{
"name" : "89864",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/89864"
"name": "http://packetstormsecurity.com/files/137096/Microsoft-Windows-gdi32.dll-ExtEscape-Buffer-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137096/Microsoft-Windows-gdi32.dll-ExtEscape-Buffer-Overflow.html"
},
{
"name" : "1035823",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035823"
"name": "89864",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89864"
}
]
}

104
2016/0xxx/CVE-2016-0970.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0970",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-0970",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981."
"lang": "eng",
"value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
"name": "SUSE-SU-2016:0400",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
},
{
"name" : "GLSA-201603-07",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201603-07"
"name": "1034970",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034970"
},
{
"name" : "RHSA-2016:0166",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0166.html"
"name": "GLSA-201603-07",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"name" : "SUSE-SU-2016:0398",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
"name": "RHSA-2016:0166",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html"
},
{
"name" : "SUSE-SU-2016:0400",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
"name": "openSUSE-SU-2016:0415",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"name" : "openSUSE-SU-2016:0412",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
"name": "openSUSE-SU-2016:0412",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"name" : "openSUSE-SU-2016:0415",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"name" : "1034970",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034970"
"name": "SUSE-SU-2016:0398",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
}
]
}

86
2016/1xxx/CVE-2016-1110.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1110",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1110",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064."
"lang": "eng",
"value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html"
"name": "SUSE-SU-2016:1305",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
},
{
"name" : "MS16-064",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064"
"name": "1035827",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035827"
},
{
"name" : "RHSA-2016:1079",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1079.html"
"name": "MS16-064",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064"
},
{
"name" : "SUSE-SU-2016:1305",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html"
},
{
"name" : "1035827",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035827"
"name": "RHSA-2016:1079",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html"
}
]
}

80
2016/1xxx/CVE-2016-1345.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1345",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1345",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726."
"lang": "eng",
"value": "Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20160330 Cisco Firepower Malware Block Bypass Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp"
"name": "1035437",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035437"
},
{
"name" : "1035437",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035437"
"name": "20160330 Cisco Firepower Malware Block Bypass Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp"
},
{
"name" : "1035438",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035438"
"name": "1035439",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035439"
},
{
"name" : "1035439",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035439"
"name": "1035438",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035438"
}
]
}

110
2016/1xxx/CVE-2016-1728.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1728",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-1728",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Cascading Style Sheets (CSS) implementation in Apple iOS before 9.2.1 and Safari before 9.0.3 mishandles the \"a:visited button\" selector during height processing, which makes it easier for remote attackers to obtain sensitive browser-history information via a crafted web site."
"lang": "eng",
"value": "The Cascading Style Sheets (CSS) implementation in Apple iOS before 9.2.1 and Safari before 9.0.3 mishandles the \"a:visited button\" selector during height processing, which makes it easier for remote attackers to obtain sensitive browser-history information via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20160311 WebKitGTK+ Security Advisory WSA-2016-0002",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/537771/100/0/threaded"
"name": "http://packetstormsecurity.com/files/136227/WebKitGTK-Memory-Corruption-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/136227/WebKitGTK-Memory-Corruption-Denial-Of-Service.html"
},
{
"name" : "http://packetstormsecurity.com/files/136227/WebKitGTK-Memory-Corruption-Denial-Of-Service.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/136227/WebKitGTK-Memory-Corruption-Denial-Of-Service.html"
"name": "81263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/81263"
},
{
"name" : "https://support.apple.com/HT205730",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205730"
"name": "20160311 WebKitGTK+ Security Advisory WSA-2016-0002",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537771/100/0/threaded"
},
{
"name" : "https://support.apple.com/HT205732",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205732"
"name": "1034737",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034737"
},
{
"name" : "APPLE-SA-2016-01-19-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html"
"name": "https://support.apple.com/HT205730",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205730"
},
{
"name" : "APPLE-SA-2016-01-19-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00004.html"
"name": "APPLE-SA-2016-01-19-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html"
},
{
"name" : "GLSA-201706-15",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201706-15"
"name": "GLSA-201706-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-15"
},
{
"name" : "81263",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/81263"
"name": "https://support.apple.com/HT205732",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205732"
},
{
"name" : "1034737",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034737"
"name": "APPLE-SA-2016-01-19-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00004.html"
}
]
}

86
2016/1xxx/CVE-2016-1820.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1820",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-1820",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in IOAudioFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app."
"lang": "eng",
"value": "Buffer overflow in IOAudioFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-347",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-347"
"name": "https://support.apple.com/HT206567",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206567"
},
{
"name" : "https://support.apple.com/HT206567",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206567"
"name": "APPLE-SA-2016-05-16-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
},
{
"name" : "APPLE-SA-2016-05-16-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
"name": "90696",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90696"
},
{
"name" : "90696",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/90696"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-347",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-347"
},
{
"name" : "1035895",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035895"
"name": "1035895",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035895"
}
]
}

92
2016/1xxx/CVE-2016-1951.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1951",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2016-1951",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime (NSPR) before 4.12 allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long string to a PR_*printf function."
"lang": "eng",
"value": "Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime (NSPR) before 4.12 allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long string to a PR_*printf function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[dev-tech-nspr] 20160217 [ANNOUNCE] NSPR 4.12 Release",
"refsource" : "MLIST",
"url" : "https://groups.google.com/forum/message/raw?msg=mozilla.dev.tech.nspr/dV4MyMsg6jw/hhWcXOgJDQAJ"
"name": "[dev-tech-nspr] 20160217 [ANNOUNCE] NSPR 4.12 Release",
"refsource": "MLIST",
"url": "https://groups.google.com/forum/message/raw?msg=mozilla.dev.tech.nspr/dV4MyMsg6jw/hhWcXOgJDQAJ"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1174015",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1174015"
"name": "92385",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92385"
},
{
"name" : "https://hg.mozilla.org/projects/nspr/rev/96381e3aaae2",
"refsource" : "CONFIRM",
"url" : "https://hg.mozilla.org/projects/nspr/rev/96381e3aaae2"
"name": "1036590",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036590"
},
{
"name" : "USN-3023-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-3023-1"
"name": "https://hg.mozilla.org/projects/nspr/rev/96381e3aaae2",
"refsource": "CONFIRM",
"url": "https://hg.mozilla.org/projects/nspr/rev/96381e3aaae2"
},
{
"name" : "92385",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92385"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1174015",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1174015"
},
{
"name" : "1036590",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036590"
"name": "USN-3023-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3023-1"
}
]
}

116
2016/1xxx/CVE-2016-1981.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1981",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-1981",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A privileged user inside guest could use this flaw to crash the QEMU instance resulting in DoS."
"lang": "eng",
"value": "QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A privileged user inside guest could use this flaw to crash the QEMU instance resulting in DoS."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20160119 CVE request Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/01/19/10"
"name": "[qemu-devel] 20160119 [PATCH] e1000: eliminate infinite loops on out-of-bounds transfer start",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg03454.html"
},
{
"name" : "[oss-security] 20160122 Re: CVE request Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/01/22/1"
"name": "GLSA-201604-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-01"
},
{
"name" : "[qemu-devel] 20160119 [PATCH] e1000: eliminate infinite loops on out-of-bounds transfer start",
"refsource" : "MLIST",
"url" : "https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg03454.html"
"name": "DSA-3469",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3469"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1298570",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1298570"
"name": "DSA-3470",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3470"
},
{
"name" : "DSA-3469",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3469"
"name": "[oss-security] 20160119 CVE request Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/19/10"
},
{
"name" : "DSA-3470",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3470"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1298570",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298570"
},
{
"name" : "DSA-3471",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3471"
"name": "[oss-security] 20160122 Re: CVE request Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/22/1"
},
{
"name" : "GLSA-201604-01",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201604-01"
"name": "RHSA-2016:2585",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2585.html"
},
{
"name" : "RHSA-2016:2585",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2585.html"
"name": "DSA-3471",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3471"
},
{
"name" : "81549",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/81549"
"name": "81549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/81549"
}
]
}

92
2016/5xxx/CVE-2016-5568.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5568",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-5568",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
"name": "93621",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93621"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20161019-0001/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20161019-0001/"
"name": "https://security.netapp.com/advisory/ntap-20161019-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20161019-0001/"
},
{
"name" : "GLSA-201611-04",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201611-04"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name" : "GLSA-201701-43",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-43"
"name": "GLSA-201701-43",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-43"
},
{
"name" : "93621",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93621"
"name": "GLSA-201611-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-04"
},
{
"name" : "1037040",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037040"
"name": "1037040",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037040"
}
]
}

70
2018/2xxx/CVE-2018-2832.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-2832",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2832",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "GoldenGate",
"version" : {
"version_data" : [
"product_name": "GoldenGate",
"version": {
"version_data": [
{
"version_affected" : "=",
"version_value" : "12.2.0.1"
"version_affected": "=",
"version_value": "12.2.0.1"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate. The supported version that is affected is 12.2.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GoldenGate. While the vulnerability is in Oracle GoldenGate, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle GoldenGate accessible data. CVSS 3.0 Base Score 8.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)."
"lang": "eng",
"value": "Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate. The supported version that is affected is 12.2.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GoldenGate. While the vulnerability is in Oracle GoldenGate, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle GoldenGate accessible data. CVSS 3.0 Base Score 8.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GoldenGate. While the vulnerability is in Oracle GoldenGate, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle GoldenGate accessible data."
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GoldenGate. While the vulnerability is in Oracle GoldenGate, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle GoldenGate accessible data."
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
"name": "103843",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103843"
},
{
"name" : "103843",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103843"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
}
]
}

22
2019/0xxx/CVE-2019-0169.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0169",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0169",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/0xxx/CVE-2019-0592.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0592",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0592",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2019/0xxx/CVE-2019-0742.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0742",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0742",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Team Foundation Server 2018",
"version" : {
"version_data" : [
"product_name": "Team Foundation Server 2018",
"version": {
"version_data": [
{
"version_value" : "Update 3.2"
"version_value": "Update 3.2"
}
]
}
}
]
},
"vendor_name" : "Microsoft"
"vendor_name": "Microsoft"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0743."
"lang": "eng",
"value": "A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0743."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Spoofing"
"lang": "eng",
"value": "Spoofing"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0742",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0742"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0742",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0742"
},
{
"name" : "106967",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106967"
"name": "106967",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106967"
}
]
}

22
2019/0xxx/CVE-2019-0969.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0969",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0969",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1418.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1418",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1418",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1469.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1469",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1469",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1518.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1518",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1518",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/1xxx/CVE-2019-1791.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1791",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1791",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4071.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4071",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4071",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4307.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4307",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4307",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4329.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4329",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4329",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4474.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4474",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4474",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5068.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5068",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5068",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/5xxx/CVE-2019-5937.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5937",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5937",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8962.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8962",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8962",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/9xxx/CVE-2019-9012.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9012",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9012",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/9xxx/CVE-2019-9101.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9101",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9101",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/9xxx/CVE-2019-9260.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9260",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9260",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/9xxx/CVE-2019-9303.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9303",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9303",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2019/9xxx/CVE-2019-9776.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9776",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9776",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779)."
"lang": "eng",
"value": "An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/LibreDWG/libredwg/issues/99",
"refsource" : "MISC",
"url" : "https://github.com/LibreDWG/libredwg/issues/99"
"name": "https://savannah.gnu.org/bugs/index.php?55893",
"refsource": "MISC",
"url": "https://savannah.gnu.org/bugs/index.php?55893"
},
{
"name" : "https://savannah.gnu.org/bugs/index.php?55893",
"refsource" : "MISC",
"url" : "https://savannah.gnu.org/bugs/index.php?55893"
"name": "https://github.com/LibreDWG/libredwg/issues/99",
"refsource": "MISC",
"url": "https://github.com/LibreDWG/libredwg/issues/99"
}
]
}