admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 03:16:15 +00:00
parent a16163531a
commit ff96529340
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
62 changed files with 4103 additions and 4103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
2000/0xxx/CVE-2000-0127.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0127",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges via wsisa.dll."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.progress.com/services/support/cgi-bin/techweb-kbase.cgi/webkb.html?kbid=19412&keywords=security%20Webspeed",
"refsource" : "CONFIRM",
"url" : "http://www.progress.com/services/support/cgi-bin/techweb-kbase.cgi/webkb.html?kbid=19412&keywords=security%20Webspeed"
},
{
"name" : "969",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/969"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges via wsisa.dll."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.progress.com/services/support/cgi-bin/techweb-kbase.cgi/webkb.html?kbid=19412&keywords=security%20Webspeed",
"refsource": "CONFIRM",
"url": "http://www.progress.com/services/support/cgi-bin/techweb-kbase.cgi/webkb.html?kbid=19412&keywords=security%20Webspeed"
},
{
"name": "969",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/969"
}
]
}
}

160
2007/0xxx/CVE-2007-0189.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0189",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** PHP remote file inclusion vulnerability in index.php in GeoBB Georgian Bulletin Board allows remote attackers to execute arbitrary PHP code via a URL in the action parameter. NOTE: CVE disputes this issue, since GeoBB 1.0 sets $action to a whitelisted value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0189",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070107 GeoBB Georgian Bulletin Board Remote File Include Vuln.",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/456251/100/0/threaded"
},
{
"name" : "20070110 Dispute of GeoBB RFI",
"refsource" : "VIM",
"url" : "http://www.attrition.org/pipermail/vim/2007-January/001230.html"
},
{
"name" : "33440",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33440"
},
{
"name" : "2141",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2141"
},
{
"name" : "geobb-index-file-include(31335)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31335"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** PHP remote file inclusion vulnerability in index.php in GeoBB Georgian Bulletin Board allows remote attackers to execute arbitrary PHP code via a URL in the action parameter. NOTE: CVE disputes this issue, since GeoBB 1.0 sets $action to a whitelisted value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "geobb-index-file-include(31335)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31335"
},
{
"name": "20070107 GeoBB Georgian Bulletin Board Remote File Include Vuln.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456251/100/0/threaded"
},
{
"name": "2141",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2141"
},
{
"name": "33440",
"refsource": "OSVDB",
"url": "http://osvdb.org/33440"
},
{
"name": "20070110 Dispute of GeoBB RFI",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-January/001230.html"
}
]
}
}

150
2007/0xxx/CVE-2007-0707.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0707",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in GOM Player 2.0.12.3375 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the \"ref href\" tag. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0707",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.gomplayer.com/forum/viewtopic.html?t=221",
"refsource" : "MISC",
"url" : "http://www.gomplayer.com/forum/viewtopic.html?t=221"
},
{
"name" : "33080",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33080"
},
{
"name" : "23994",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23994"
},
{
"name" : "gomplayer-asx-bo(32164)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32164"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in GOM Player 2.0.12.3375 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the \"ref href\" tag. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33080",
"refsource": "OSVDB",
"url": "http://osvdb.org/33080"
},
{
"name": "23994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23994"
},
{
"name": "gomplayer-asx-bo(32164)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32164"
},
{
"name": "http://www.gomplayer.com/forum/viewtopic.html?t=221",
"refsource": "MISC",
"url": "http://www.gomplayer.com/forum/viewtopic.html?t=221"
}
]
}
}

150
2007/0xxx/CVE-2007-0794.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0794",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** SQL injection vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: this issue has been disputed by a reliable third party, who states that inc/common.php only contains function definitions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0794",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070204 dvddb-0.6 media sql-inj. vuln.",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/459151/100/0/threaded"
},
{
"name" : "20070205 Re: dvddb-0.6 media sql-inj. vuln.",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/459180/100/0/threaded"
},
{
"name" : "20071002 Re: dvddb-0.6 media sql-inj. vuln.",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/481327/100/100/threaded"
},
{
"name" : "33670",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33670"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** SQL injection vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: this issue has been disputed by a reliable third party, who states that inc/common.php only contains function definitions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070205 Re: dvddb-0.6 media sql-inj. vuln.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459180/100/0/threaded"
},
{
"name": "20071002 Re: dvddb-0.6 media sql-inj. vuln.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481327/100/100/threaded"
},
{
"name": "20070204 dvddb-0.6 media sql-inj. vuln.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459151/100/0/threaded"
},
{
"name": "33670",
"refsource": "OSVDB",
"url": "http://osvdb.org/33670"
}
]
}
}

210
2007/1xxx/CVE-2007-1071.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1071",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the gifGetBandProc function in ImageIO in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image that triggers the overflow during decompression. NOTE: this is a different issue than CVE-2006-3502 and CVE-2006-3503."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1071",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://security-protocols.com/sp-x39-advisory.php",
"refsource" : "MISC",
"url" : "http://security-protocols.com/sp-x39-advisory.php"
},
{
"name" : "http://docs.info.apple.com/article.html?artnum=305214",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name" : "APPLE-SA-2007-03-13",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name" : "TA07-072A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name" : "VU#559444",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/559444"
},
{
"name" : "22630",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22630"
},
{
"name" : "ADV-2007-0930",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name" : "34854",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34854"
},
{
"name" : "1017758",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017758"
},
{
"name" : "24479",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24479"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the gifGetBandProc function in ImageIO in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image that triggers the overflow during decompression. NOTE: this is a different issue than CVE-2006-3502 and CVE-2006-3503."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://security-protocols.com/sp-x39-advisory.php",
"refsource": "MISC",
"url": "http://security-protocols.com/sp-x39-advisory.php"
},
{
"name": "22630",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22630"
},
{
"name": "TA07-072A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "APPLE-SA-2007-03-13",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305214",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "34854",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34854"
},
{
"name": "VU#559444",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/559444"
},
{
"name": "ADV-2007-0930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "1017758",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017758"
},
{
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
}
]
}
}

310
2007/1xxx/CVE-2007-1217.json
View File

@ -1,157 +1,157 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1217",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the bufprint function in capiutil.c in libcapi, as used in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to cause a denial of service (crash) and possibly gain privileges via a crafted CAPI packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1217",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408530",
"refsource" : "CONFIRM",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408530"
},
{
"name" : "http://bugzilla.kernel.org/show_bug.cgi?id=8028",
"refsource" : "CONFIRM",
"url" : "http://bugzilla.kernel.org/show_bug.cgi?id=8028"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm"
},
{
"name" : "GLSA-200704-23",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200704-23.xml"
},
{
"name" : "MDKSA-2007:078",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:078"
},
{
"name" : "RHSA-2007:0673",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0673.html"
},
{
"name" : "RHSA-2007:0672",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0672.html"
},
{
"name" : "RHSA-2007:0671",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0671.html"
},
{
"name" : "RHSA-2007:0774",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0774.html"
},
{
"name" : "RHSA-2007:0705",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0705.html"
},
{
"name" : "23333",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23333"
},
{
"name" : "34742",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34742"
},
{
"name" : "oval:org.mitre.oval:def:10503",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10503"
},
{
"name" : "1018539",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018539"
},
{
"name" : "24777",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24777"
},
{
"name" : "26379",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26379"
},
{
"name" : "26478",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26478"
},
{
"name" : "26709",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26709"
},
{
"name" : "26760",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26760"
},
{
"name" : "27528",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27528"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the bufprint function in capiutil.c in libcapi, as used in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to cause a denial of service (crash) and possibly gain privileges via a crafted CAPI packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34742",
"refsource": "OSVDB",
"url": "http://osvdb.org/34742"
},
{
"name": "oval:org.mitre.oval:def:10503",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10503"
},
{
"name": "http://bugzilla.kernel.org/show_bug.cgi?id=8028",
"refsource": "CONFIRM",
"url": "http://bugzilla.kernel.org/show_bug.cgi?id=8028"
},
{
"name": "MDKSA-2007:078",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:078"
},
{
"name": "RHSA-2007:0673",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0673.html"
},
{
"name": "GLSA-200704-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200704-23.xml"
},
{
"name": "24777",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24777"
},
{
"name": "27528",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27528"
},
{
"name": "26379",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26379"
},
{
"name": "26760",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26760"
},
{
"name": "RHSA-2007:0705",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0705.html"
},
{
"name": "23333",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23333"
},
{
"name": "RHSA-2007:0672",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0672.html"
},
{
"name": "26709",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26709"
},
{
"name": "26478",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26478"
},
{
"name": "RHSA-2007:0774",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0774.html"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408530",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408530"
},
{
"name": "RHSA-2007:0671",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0671.html"
},
{
"name": "1018539",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018539"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm"
}
]
}
}

34
2007/1xxx/CVE-2007-1317.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1317",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1317",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

930
2007/5xxx/CVE-2007-5392.json
View File

@ -1,467 +1,467 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5392",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-5392",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/483372"
},
{
"name" : "http://secunia.com/secunia_research/2007-88/advisory/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2007-88/advisory/"
},
{
"name" : "http://www.kde.org/info/security/advisory-20071107-1.txt",
"refsource" : "CONFIRM",
"url" : "http://www.kde.org/info/security/advisory-20071107-1.txt"
},
{
"name" : "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
},
{
"name" : "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
},
{
"name" : "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
},
{
"name" : "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
},
{
"name" : "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1926",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1926"
},
{
"name" : "DSA-1480",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1480"
},
{
"name" : "DSA-1509",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1509"
},
{
"name" : "DSA-1537",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1537"
},
{
"name" : "FEDORA-2007-3100",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
},
{
"name" : "FEDORA-2007-3031",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
},
{
"name" : "FEDORA-2007-3059",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
},
{
"name" : "FEDORA-2007-4031",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
},
{
"name" : "FEDORA-2007-3390",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
},
{
"name" : "FEDORA-2007-750",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
},
{
"name" : "GLSA-200711-22",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200711-22.xml"
},
{
"name" : "GLSA-200711-34",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200711-34.xml"
},
{
"name" : "GLSA-200805-13",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200805-13.xml"
},
{
"name" : "MDKSA-2007:219",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
},
{
"name" : "MDKSA-2007:220",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
},
{
"name" : "MDKSA-2007:221",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
},
{
"name" : "MDKSA-2007:222",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
},
{
"name" : "MDKSA-2007:223",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
},
{
"name" : "MDKSA-2007:227",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
},
{
"name" : "MDKSA-2007:228",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
},
{
"name" : "MDKSA-2007:230",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
},
{
"name" : "RHSA-2007:1021",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
},
{
"name" : "RHSA-2007:1022",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
},
{
"name" : "RHSA-2007:1025",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
},
{
"name" : "RHSA-2007:1026",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
},
{
"name" : "RHSA-2007:1027",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
},
{
"name" : "RHSA-2007:1029",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
},
{
"name" : "RHSA-2007:1030",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
},
{
"name" : "RHSA-2007:1024",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
},
{
"name" : "SSA:2007-316-01",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882"
},
{
"name" : "SUSE-SA:2007:060",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
},
{
"name" : "USN-542-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-542-1"
},
{
"name" : "USN-542-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-542-2"
},
{
"name" : "26367",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26367"
},
{
"name" : "oval:org.mitre.oval:def:10036",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036"
},
{
"name" : "ADV-2007-3774",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3774"
},
{
"name" : "ADV-2007-3775",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3775"
},
{
"name" : "ADV-2007-3776",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3776"
},
{
"name" : "ADV-2007-3779",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3779"
},
{
"name" : "ADV-2007-3786",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3786"
},
{
"name" : "1018905",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018905"
},
{
"name" : "27260",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27260"
},
{
"name" : "27553",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27553"
},
{
"name" : "27573",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27573"
},
{
"name" : "27574",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27574"
},
{
"name" : "27575",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27575"
},
{
"name" : "27577",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27577"
},
{
"name" : "27578",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27578"
},
{
"name" : "27615",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27615"
},
{
"name" : "27637",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27637"
},
{
"name" : "27599",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27599"
},
{
"name" : "26503",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26503"
},
{
"name" : "27618",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27618"
},
{
"name" : "27619",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27619"
},
{
"name" : "27640",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27640"
},
{
"name" : "27641",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27641"
},
{
"name" : "27642",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27642"
},
{
"name" : "27656",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27656"
},
{
"name" : "27632",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27632"
},
{
"name" : "27645",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27645"
},
{
"name" : "27636",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27636"
},
{
"name" : "27634",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27634"
},
{
"name" : "27658",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27658"
},
{
"name" : "27705",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27705"
},
{
"name" : "27721",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27721"
},
{
"name" : "27724",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27724"
},
{
"name" : "27743",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27743"
},
{
"name" : "27856",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27856"
},
{
"name" : "28043",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28043"
},
{
"name" : "28812",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28812"
},
{
"name" : "29104",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29104"
},
{
"name" : "29604",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29604"
},
{
"name" : "30168",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30168"
},
{
"name" : "xpdf-dctstreamreset-bo(38303)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38303"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SA:2007:060",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_60_pdf.html"
},
{
"name": "27632",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27632"
},
{
"name": "27743",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27743"
},
{
"name": "MDKSA-2007:222",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"
},
{
"name": "ADV-2007-3774",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3774"
},
{
"name": "27260",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27260"
},
{
"name": "27856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27856"
},
{
"name": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"
},
{
"name": "27636",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27636"
},
{
"name": "29604",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29604"
},
{
"name": "MDKSA-2007:223",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"
},
{
"name": "27721",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27721"
},
{
"name": "27724",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27724"
},
{
"name": "ADV-2007-3776",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3776"
},
{
"name": "FEDORA-2007-3059",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"
},
{
"name": "27577",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27577"
},
{
"name": "29104",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29104"
},
{
"name": "FEDORA-2007-3031",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"
},
{
"name": "27618",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27618"
},
{
"name": "27642",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27642"
},
{
"name": "FEDORA-2007-4031",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"
},
{
"name": "27656",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27656"
},
{
"name": "http://secunia.com/secunia_research/2007-88/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-88/advisory/"
},
{
"name": "FEDORA-2007-3100",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"
},
{
"name": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"
},
{
"name": "RHSA-2007:1026",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1026.html"
},
{
"name": "DSA-1509",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1509"
},
{
"name": "RHSA-2007:1022",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1022.html"
},
{
"name": "27573",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27573"
},
{
"name": "RHSA-2007:1029",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1029.html"
},
{
"name": "27641",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27641"
},
{
"name": "GLSA-200805-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
},
{
"name": "28812",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28812"
},
{
"name": "DSA-1537",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1537"
},
{
"name": "FEDORA-2007-750",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
},
{
"name": "SSA:2007-316-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882"
},
{
"name": "26367",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26367"
},
{
"name": "27615",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27615"
},
{
"name": "RHSA-2007:1021",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1021.html"
},
{
"name": "ADV-2007-3786",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3786"
},
{
"name": "27645",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27645"
},
{
"name": "20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483372"
},
{
"name": "30168",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30168"
},
{
"name": "27574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27574"
},
{
"name": "https://issues.rpath.com/browse/RPL-1926",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1926"
},
{
"name": "26503",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26503"
},
{
"name": "MDKSA-2007:219",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"
},
{
"name": "DSA-1480",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1480"
},
{
"name": "GLSA-200711-22",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200711-22.xml"
},
{
"name": "27634",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27634"
},
{
"name": "MDKSA-2007:227",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"
},
{
"name": "http://www.kde.org/info/security/advisory-20071107-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20071107-1.txt"
},
{
"name": "28043",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28043"
},
{
"name": "oval:org.mitre.oval:def:10036",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036"
},
{
"name": "27619",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27619"
},
{
"name": "xpdf-dctstreamreset-bo(38303)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38303"
},
{
"name": "MDKSA-2007:220",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"
},
{
"name": "27705",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27705"
},
{
"name": "27578",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27578"
},
{
"name": "27640",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27640"
},
{
"name": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"
},
{
"name": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"
},
{
"name": "GLSA-200711-34",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
},
{
"name": "27599",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27599"
},
{
"name": "27575",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27575"
},
{
"name": "1018905",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018905"
},
{
"name": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"
},
{
"name": "FEDORA-2007-3390",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
},
{
"name": "MDKSA-2007:228",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"
},
{
"name": "ADV-2007-3775",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3775"
},
{
"name": "RHSA-2007:1027",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
},
{
"name": "RHSA-2007:1030",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
},
{
"name": "USN-542-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-542-1"
},
{
"name": "27658",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27658"
},
{
"name": "RHSA-2007:1024",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1024.html"
},
{
"name": "MDKSA-2007:230",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
},
{
"name": "USN-542-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-542-2"
},
{
"name": "RHSA-2007:1025",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1025.html"
},
{
"name": "ADV-2007-3779",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3779"
},
{
"name": "MDKSA-2007:221",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"
},
{
"name": "27553",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27553"
},
{
"name": "27637",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27637"
}
]
}
}

240
2007/5xxx/CVE-2007-5418.json
View File

@ -1,122 +1,122 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5418",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in CARE2X 2G 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) en_copyrite.php, (2) vi_copyrite.php, and (3) ar_copyrite.php in language/ directories; (4) class_access.php, (5) class_department.php, (6) class_config.php, (7) class_image.php, (8) class_ward.php, and (9) class_product.php in include/care_api_classes/; (10) gui/smarty_template/smarty_care.class.php; and possibly other components, different vectors than CVE-2007-1458."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5418",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071010 Vulnerabilities digest",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
},
{
"name" : "http://securityvulns.com/Rdocument960.html",
"refsource" : "MISC",
"url" : "http://securityvulns.com/Rdocument960.html"
},
{
"name" : "43639",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/43639"
},
{
"name" : "43640",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/43640"
},
{
"name" : "43641",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/43641"
},
{
"name" : "43642",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/43642"
},
{
"name" : "43643",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/43643"
},
{
"name" : "43644",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/43644"
},
{
"name" : "43645",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/43645"
},
{
"name" : "43646",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/43646"
},
{
"name" : "43647",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/43647"
},
{
"name" : "43648",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/43648"
},
{
"name" : "3216",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3216"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in CARE2X 2G 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) en_copyrite.php, (2) vi_copyrite.php, and (3) ar_copyrite.php in language/ directories; (4) class_access.php, (5) class_department.php, (6) class_config.php, (7) class_image.php, (8) class_ward.php, and (9) class_product.php in include/care_api_classes/; (10) gui/smarty_template/smarty_care.class.php; and possibly other components, different vectors than CVE-2007-1458."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43640",
"refsource": "OSVDB",
"url": "http://osvdb.org/43640"
},
{
"name": "43641",
"refsource": "OSVDB",
"url": "http://osvdb.org/43641"
},
{
"name": "43642",
"refsource": "OSVDB",
"url": "http://osvdb.org/43642"
},
{
"name": "43647",
"refsource": "OSVDB",
"url": "http://osvdb.org/43647"
},
{
"name": "43639",
"refsource": "OSVDB",
"url": "http://osvdb.org/43639"
},
{
"name": "43648",
"refsource": "OSVDB",
"url": "http://osvdb.org/43648"
},
{
"name": "43643",
"refsource": "OSVDB",
"url": "http://osvdb.org/43643"
},
{
"name": "20071010 Vulnerabilities digest",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
},
{
"name": "3216",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3216"
},
{
"name": "43645",
"refsource": "OSVDB",
"url": "http://osvdb.org/43645"
},
{
"name": "43646",
"refsource": "OSVDB",
"url": "http://osvdb.org/43646"
},
{
"name": "43644",
"refsource": "OSVDB",
"url": "http://osvdb.org/43644"
},
{
"name": "http://securityvulns.com/Rdocument960.html",
"refsource": "MISC",
"url": "http://securityvulns.com/Rdocument960.html"
}
]
}
}

230
2007/5xxx/CVE-2007-5666.json
View File

@ -1,117 +1,117 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5666",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users to execute arbitrary code via a malicious Security Provider library in the reader's current working directory. NOTE: this issue might be subsumed by CVE-2008-0655."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20080208 Adobe Reader Security Provider Unsafe Libary Path Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=655"
},
{
"name" : "http://www.adobe.com/support/security/advisories/apsa08-01.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/advisories/apsa08-01.html"
},
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb08-13.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb08-13.html"
},
{
"name" : "GLSA-200803-01",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200803-01.xml"
},
{
"name" : "RHSA-2008:0144",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0144.html"
},
{
"name" : "239286",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239286-1"
},
{
"name" : "TA08-043A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-043A.html"
},
{
"name" : "oval:org.mitre.oval:def:11161",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11161"
},
{
"name" : "ADV-2008-1966",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/1966/references"
},
{
"name" : "29065",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29065"
},
{
"name" : "29205",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29205"
},
{
"name" : "30840",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30840"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users to execute arbitrary code via a malicious Security Provider library in the reader's current working directory. NOTE: this issue might be subsumed by CVE-2008-0655."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "TA08-043A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-043A.html"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb08-13.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb08-13.html"
},
{
"name": "ADV-2008-1966",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1966/references"
},
{
"name": "oval:org.mitre.oval:def:11161",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11161"
},
{
"name": "http://www.adobe.com/support/security/advisories/apsa08-01.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/advisories/apsa08-01.html"
},
{
"name": "239286",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239286-1"
},
{
"name": "GLSA-200803-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200803-01.xml"
},
{
"name": "29065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29065"
},
{
"name": "30840",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30840"
},
{
"name": "29205",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29205"
},
{
"name": "20080208 Adobe Reader Security Provider Unsafe Libary Path Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=655"
},
{
"name": "RHSA-2008:0144",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0144.html"
}
]
}
}

150
2007/5xxx/CVE-2007-5897.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5897",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be covered by CVE-2007-5515, CVE-2007-5509, or CVE-2007-5505, but there are insufficient details to be sure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5897",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071029 Team SHATTER Alert: Oracle Database Buffer overflow vulnerability in function MDSYS.SDO_CS.TRANSFORM",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/482918/100/100/threaded"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html"
},
{
"name" : "26243",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26243"
},
{
"name" : "40081",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/40081"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be covered by CVE-2007-5515, CVE-2007-5509, or CVE-2007-5505, but there are insufficient details to be sure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html"
},
{
"name": "40081",
"refsource": "OSVDB",
"url": "http://osvdb.org/40081"
},
{
"name": "26243",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26243"
},
{
"name": "20071029 Team SHATTER Alert: Oracle Database Buffer overflow vulnerability in function MDSYS.SDO_CS.TRANSFORM",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482918/100/100/threaded"
}
]
}
}

190
2015/3xxx/CVE-2015-3078.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3078",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3089, CVE-2015-3090, and CVE-2015-3093."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-3078",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html"
},
{
"name" : "GLSA-201505-02",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201505-02"
},
{
"name" : "RHSA-2015:1005",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1005.html"
},
{
"name" : "SUSE-SU-2015:0878",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html"
},
{
"name" : "openSUSE-SU-2015:0890",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html"
},
{
"name" : "openSUSE-SU-2015:0914",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html"
},
{
"name" : "74605",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74605"
},
{
"name" : "1032285",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032285"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3089, CVE-2015-3090, and CVE-2015-3093."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032285",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032285"
},
{
"name": "SUSE-SU-2015:0878",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html"
},
{
"name": "openSUSE-SU-2015:0890",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html"
},
{
"name": "GLSA-201505-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201505-02"
},
{
"name": "openSUSE-SU-2015:0914",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html"
},
{
"name": "RHSA-2015:1005",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1005.html"
},
{
"name": "74605",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74605"
}
]
}
}

190
2015/3xxx/CVE-2015-3084.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3084",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2015-3077 and CVE-2015-3086."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-3084",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html"
},
{
"name" : "GLSA-201505-02",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201505-02"
},
{
"name" : "RHSA-2015:1005",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1005.html"
},
{
"name" : "SUSE-SU-2015:0878",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html"
},
{
"name" : "openSUSE-SU-2015:0890",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html"
},
{
"name" : "openSUSE-SU-2015:0914",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html"
},
{
"name" : "74614",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74614"
},
{
"name" : "1032285",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032285"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2015-3077 and CVE-2015-3086."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032285",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032285"
},
{
"name": "SUSE-SU-2015:0878",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html"
},
{
"name": "openSUSE-SU-2015:0890",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html"
},
{
"name": "GLSA-201505-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201505-02"
},
{
"name": "74614",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74614"
},
{
"name": "openSUSE-SU-2015:0914",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html"
},
{
"name": "RHSA-2015:1005",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1005.html"
}
]
}
}

190
2015/3xxx/CVE-2015-3091.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3091",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-3092."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-3091",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html"
},
{
"name" : "GLSA-201505-02",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201505-02"
},
{
"name" : "RHSA-2015:1005",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1005.html"
},
{
"name" : "SUSE-SU-2015:0878",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html"
},
{
"name" : "openSUSE-SU-2015:0890",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html"
},
{
"name" : "openSUSE-SU-2015:0914",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html"
},
{
"name" : "74617",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74617"
},
{
"name" : "1032285",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032285"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-3092."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032285",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032285"
},
{
"name": "SUSE-SU-2015:0878",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html"
},
{
"name": "openSUSE-SU-2015:0890",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html"
},
{
"name": "74617",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74617"
},
{
"name": "GLSA-201505-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201505-02"
},
{
"name": "openSUSE-SU-2015:0914",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html"
},
{
"name": "RHSA-2015:1005",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1005.html"
}
]
}
}

34
2015/3xxx/CVE-2015-3578.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3578",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3578",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

160
2015/3xxx/CVE-2015-3932.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3932",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Netlock Mokka before 2.7.8.1204 allows remote attackers to perform XML signature wrapping attacks via an e-akta signed document with a ds:Object node with a crafted payload prepended to a valid ds:Object."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3932",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.com/files/132473/Microsec-e-Szigno-Netlock-Mokka-XML-Signature-Wrapping.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/132473/Microsec-e-Szigno-Netlock-Mokka-XML-Signature-Wrapping.html"
},
{
"name" : "http://www.neih.gov.hu/?q=node/66",
"refsource" : "MISC",
"url" : "http://www.neih.gov.hu/?q=node/66"
},
{
"name" : "https://www.search-lab.hu/about-us/news/107-37-million-digitally-signed-documents-had-to-be-reverified",
"refsource" : "MISC",
"url" : "https://www.search-lab.hu/about-us/news/107-37-million-digitally-signed-documents-had-to-be-reverified"
},
{
"name" : "https://www.search-lab.hu/eakta",
"refsource" : "MISC",
"url" : "https://www.search-lab.hu/eakta"
},
{
"name" : "75489",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75489"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netlock Mokka before 2.7.8.1204 allows remote attackers to perform XML signature wrapping attacks via an e-akta signed document with a ds:Object node with a crafted payload prepended to a valid ds:Object."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75489",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75489"
},
{
"name": "https://www.search-lab.hu/about-us/news/107-37-million-digitally-signed-documents-had-to-be-reverified",
"refsource": "MISC",
"url": "https://www.search-lab.hu/about-us/news/107-37-million-digitally-signed-documents-had-to-be-reverified"
},
{
"name": "http://packetstormsecurity.com/files/132473/Microsec-e-Szigno-Netlock-Mokka-XML-Signature-Wrapping.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132473/Microsec-e-Szigno-Netlock-Mokka-XML-Signature-Wrapping.html"
},
{
"name": "http://www.neih.gov.hu/?q=node/66",
"refsource": "MISC",
"url": "http://www.neih.gov.hu/?q=node/66"
},
{
"name": "https://www.search-lab.hu/eakta",
"refsource": "MISC",
"url": "https://www.search-lab.hu/eakta"
}
]
}
}

34
2015/3xxx/CVE-2015-3975.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3975",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-3975",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none."
}
]
}
}

160
2015/6xxx/CVE-2015-6135.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6135",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Scripting Engine Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-6135",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-586",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-586"
},
{
"name" : "MS15-124",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124"
},
{
"name" : "MS15-126",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-126"
},
{
"name" : "1034317",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034317"
},
{
"name" : "1034315",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034315"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Scripting Engine Information Disclosure Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS15-126",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-126"
},
{
"name": "1034315",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034315"
},
{
"name": "MS15-124",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-586",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-586"
},
{
"name": "1034317",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034317"
}
]
}
}

150
2015/6xxx/CVE-2015-6587.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6587",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-6587",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[OpenAFS-announce] 20150730 SECURITY RELEASE: 1.6.13 now available",
"refsource" : "MLIST",
"url" : "https://lists.openafs.org/pipermail/openafs-announce/2015/000486.html"
},
{
"name" : "http://www.openafs.org/pages/security/OPENAFS-SA-2015-006.txt",
"refsource" : "CONFIRM",
"url" : "http://www.openafs.org/pages/security/OPENAFS-SA-2015-006.txt"
},
{
"name" : "https://www.openafs.org/dl/openafs/1.6.13/RELNOTES-1.6.13",
"refsource" : "CONFIRM",
"url" : "https://www.openafs.org/dl/openafs/1.6.13/RELNOTES-1.6.13"
},
{
"name" : "DSA-3320",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3320"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.openafs.org/pages/security/OPENAFS-SA-2015-006.txt",
"refsource": "CONFIRM",
"url": "http://www.openafs.org/pages/security/OPENAFS-SA-2015-006.txt"
},
{
"name": "https://www.openafs.org/dl/openafs/1.6.13/RELNOTES-1.6.13",
"refsource": "CONFIRM",
"url": "https://www.openafs.org/dl/openafs/1.6.13/RELNOTES-1.6.13"
},
{
"name": "DSA-3320",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3320"
},
{
"name": "[OpenAFS-announce] 20150730 SECURITY RELEASE: 1.6.13 now available",
"refsource": "MLIST",
"url": "https://lists.openafs.org/pipermail/openafs-announce/2015/000486.html"
}
]
}
}

210
2015/6xxx/CVE-2015-6781.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6781",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the FontData::Bound function in data/font_data.cc in Google sfntly, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted offset or length value within font data in an SFNT container."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-6781",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=497302",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=497302"
},
{
"name" : "https://codereview.chromium.org/1367323002/",
"refsource" : "CONFIRM",
"url" : "https://codereview.chromium.org/1367323002/"
},
{
"name" : "https://github.com/googlei18n/sfntly/commit/de776d4ef06ca29c240de3444348894f032b03ff",
"refsource" : "CONFIRM",
"url" : "https://github.com/googlei18n/sfntly/commit/de776d4ef06ca29c240de3444348894f032b03ff"
},
{
"name" : "DSA-3415",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3415"
},
{
"name" : "GLSA-201603-09",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201603-09"
},
{
"name" : "openSUSE-SU-2015:2290",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html"
},
{
"name" : "openSUSE-SU-2015:2291",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html"
},
{
"name" : "78416",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/78416"
},
{
"name" : "1034298",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034298"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the FontData::Bound function in data/font_data.cc in Google sfntly, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted offset or length value within font data in an SFNT container."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://code.google.com/p/chromium/issues/detail?id=497302",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=497302"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html"
},
{
"name": "openSUSE-SU-2015:2290",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html"
},
{
"name": "https://github.com/googlei18n/sfntly/commit/de776d4ef06ca29c240de3444348894f032b03ff",
"refsource": "CONFIRM",
"url": "https://github.com/googlei18n/sfntly/commit/de776d4ef06ca29c240de3444348894f032b03ff"
},
{
"name": "GLSA-201603-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name": "78416",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78416"
},
{
"name": "DSA-3415",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3415"
},
{
"name": "https://codereview.chromium.org/1367323002/",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1367323002/"
},
{
"name": "openSUSE-SU-2015:2291",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html"
},
{
"name": "1034298",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034298"
}
]
}
}

130
2015/6xxx/CVE-2015-6805.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6805",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the MDC Private Message plugin 1.0.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the message field in a private message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "37907",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/37907/"
},
{
"name" : "https://wpvulndb.com/vulnerabilities/8154",
"refsource" : "MISC",
"url" : "https://wpvulndb.com/vulnerabilities/8154"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the MDC Private Message plugin 1.0.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the message field in a private message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37907",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37907/"
},
{
"name": "https://wpvulndb.com/vulnerabilities/8154",
"refsource": "MISC",
"url": "https://wpvulndb.com/vulnerabilities/8154"
}
]
}
}

34
2015/6xxx/CVE-2015-6903.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6903",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-6903",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}

130
2015/7xxx/CVE-2015-7442.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7442",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "consoleinst.sh in IBM Installation Manager before 1.7.4.4 and 1.8.x before 1.8.4 and Packaging Utility before 1.7.4.4 and 1.8.x before 1.8.4 allows local users to gain privileges via a Trojan horse program that is located in /tmp with a name based on a predicted PID value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-7442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21971295",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21971295"
},
{
"name" : "77558",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/77558"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "consoleinst.sh in IBM Installation Manager before 1.7.4.4 and 1.8.x before 1.8.4 and Packaging Utility before 1.7.4.4 and 1.8.x before 1.8.4 allows local users to gain privileges via a Trojan horse program that is located in /tmp with a name based on a predicted PID value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21971295",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971295"
},
{
"name": "77558",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77558"
}
]
}
}

140
2015/8xxx/CVE-2015-8757.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8757",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Extension Manager in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to extension data during an extension installation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8757",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-010/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-010/"
},
{
"name" : "79254",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/79254"
},
{
"name" : "1034482",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034482"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Extension Manager in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to extension data during an extension installation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-010/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-010/"
},
{
"name": "79254",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79254"
},
{
"name": "1034482",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034482"
}
]
}
}

170
2015/8xxx/CVE-2015-8842.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8842",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions for /var/log/journal/%m/system.journal, which allows local users to obtain sensitive information by reading the file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"ID": "CVE-2015-8842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20160408 CVE Request: systemd / journald created world readable journal files",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/04/08/14"
},
{
"name" : "[oss-security] 20160408 Re: CVE Request: systemd / journald created world readable journal files",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/04/08/15"
},
{
"name" : "https://bugzilla.suse.com/show_bug.cgi?id=972612",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.suse.com/show_bug.cgi?id=972612"
},
{
"name" : "https://github.com/systemd/systemd/commit/afae249efa4774c6676738ac5de6aeb4daf4889f",
"refsource" : "CONFIRM",
"url" : "https://github.com/systemd/systemd/commit/afae249efa4774c6676738ac5de6aeb4daf4889f"
},
{
"name" : "openSUSE-SU-2016:1101",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00044.html"
},
{
"name" : "openSUSE-SU-2016:1414",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-05/msg00109.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions for /var/log/journal/%m/system.journal, which allows local users to obtain sensitive information by reading the file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/systemd/systemd/commit/afae249efa4774c6676738ac5de6aeb4daf4889f",
"refsource": "CONFIRM",
"url": "https://github.com/systemd/systemd/commit/afae249efa4774c6676738ac5de6aeb4daf4889f"
},
{
"name": "[oss-security] 20160408 Re: CVE Request: systemd / journald created world readable journal files",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/04/08/15"
},
{
"name": "[oss-security] 20160408 CVE Request: systemd / journald created world readable journal files",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/04/08/14"
},
{
"name": "openSUSE-SU-2016:1414",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00109.html"
},
{
"name": "openSUSE-SU-2016:1101",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00044.html"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=972612",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=972612"
}
]
}
}

140
2016/0xxx/CVE-2016-0141.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0141",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 export a certificate-store private key during a document-save operation, which allows attackers to obtain sensitive information via unspecified vectors, aka \"Microsoft Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-0141",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS16-107",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107"
},
{
"name" : "92903",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92903"
},
{
"name" : "1036785",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036785"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 export a certificate-store private key during a document-save operation, which allows attackers to obtain sensitive information via unspecified vectors, aka \"Microsoft Information Disclosure Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "92903",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92903"
},
{
"name": "1036785",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036785"
},
{
"name": "MS16-107",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107"
}
]
}
}

120
2016/0xxx/CVE-2016-0275.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-0275",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows local users to obtain sensitive information via vectors related to cacheable HTTPS responses."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0275",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21977245",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21977245"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows local users to obtain sensitive information via vectors related to cacheable HTTPS responses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21977245",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977245"
}
]
}
}

166
2016/0xxx/CVE-2016-0308.json
View File

@ -1,85 +1,85 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-0308",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Connections",
"version" : {
"version_data" : [
{
"version_value" : "4.5"
},
{
"version_value" : "3.0"
},
{
"version_value" : "3.0.1"
},
{
"version_value" : "3.0.1.1"
},
{
"version_value" : "4.0"
},
{
"version_value" : "5.0"
},
{
"version_value" : "5.5"
}
]
}
}
]
},
"vendor_name" : "IBM Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Connections 5.5 and earlier is vulnerable to possible link manipulation attack that could result in the display of inappropriate background images."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Connections",
"version": {
"version_data": [
{
"version_value": "4.5"
},
{
"version_value": "3.0"
},
{
"version_value": "3.0.1"
},
{
"version_value": "3.0.1.1"
},
{
"version_value": "4.0"
},
{
"version_value": "5.0"
},
{
"version_value": "5.5"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21986770",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21986770"
},
{
"name" : "92439",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92439"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Connections 5.5 and earlier is vulnerable to possible link manipulation attack that could result in the display of inappropriate background images."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21986770",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21986770"
},
{
"name": "92439",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92439"
}
]
}
}

150
2016/0xxx/CVE-2016-0954.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0954",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Digital Editions before 4.5.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-0954",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "39533",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/39533/"
},
{
"name" : "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-06.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-06.html"
},
{
"name" : "84214",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84214"
},
{
"name" : "1035201",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035201"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Digital Editions before 4.5.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "84214",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84214"
},
{
"name": "1035201",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035201"
},
{
"name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-06.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-06.html"
},
{
"name": "39533",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39533/"
}
]
}
}

34
2016/1000xxx/CVE-2016-1000210.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1000210",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1000210",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

130
2016/1xxx/CVE-2016-1037.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1037",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"name" : "1035828",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035828"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}

260
2016/1xxx/CVE-2016-1526.json
View File

@ -1,132 +1,132 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1526",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-1526",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html",
"refsource" : "MISC",
"url" : "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html"
},
{
"name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name" : "DSA-3479",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3479"
},
{
"name" : "FEDORA-2016-338a7e9925",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html"
},
{
"name" : "FEDORA-2016-4154a4d0ba",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html"
},
{
"name" : "GLSA-201701-35",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-35"
},
{
"name" : "GLSA-201701-63",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-63"
},
{
"name" : "RHSA-2016:0594",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0594.html"
},
{
"name" : "RHSA-2016:0695",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0695.html"
},
{
"name" : "SUSE-SU-2016:0779",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html"
},
{
"name" : "openSUSE-SU-2016:0791",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html"
},
{
"name" : "openSUSE-SU-2016:0875",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html"
},
{
"name" : "USN-2902-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2902-1"
},
{
"name" : "82991",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/82991"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:0875",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html"
},
{
"name": "GLSA-201701-35",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-35"
},
{
"name": "82991",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/82991"
},
{
"name": "USN-2902-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2902-1"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name": "RHSA-2016:0695",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0695.html"
},
{
"name": "RHSA-2016:0594",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0594.html"
},
{
"name": "openSUSE-SU-2016:0791",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html"
},
{
"name": "DSA-3479",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3479"
},
{
"name": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html",
"refsource": "MISC",
"url": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html"
},
{
"name": "FEDORA-2016-4154a4d0ba",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html"
},
{
"name": "SUSE-SU-2016:0779",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html"
},
{
"name": "GLSA-201701-63",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-63"
},
{
"name": "FEDORA-2016-338a7e9925",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html"
},
{
"name": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html"
}
]
}
}

210
2016/1xxx/CVE-2016-1811.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1811",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ImageIO in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-1811",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.apple.com/HT206564",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206564"
},
{
"name" : "https://support.apple.com/HT206566",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206566"
},
{
"name" : "https://support.apple.com/HT206567",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206567"
},
{
"name" : "https://support.apple.com/HT206568",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206568"
},
{
"name" : "APPLE-SA-2016-05-16-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html"
},
{
"name" : "APPLE-SA-2016-05-16-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html"
},
{
"name" : "APPLE-SA-2016-05-16-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html"
},
{
"name" : "APPLE-SA-2016-05-16-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
},
{
"name" : "90694",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/90694"
},
{
"name" : "1035890",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035890"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ImageIO in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT206567",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206567"
},
{
"name": "APPLE-SA-2016-05-16-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
},
{
"name": "https://support.apple.com/HT206566",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206566"
},
{
"name": "90694",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90694"
},
{
"name": "APPLE-SA-2016-05-16-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html"
},
{
"name": "https://support.apple.com/HT206564",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206564"
},
{
"name": "1035890",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035890"
},
{
"name": "APPLE-SA-2016-05-16-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html"
},
{
"name": "https://support.apple.com/HT206568",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206568"
},
{
"name": "APPLE-SA-2016-05-16-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html"
}
]
}
}

210
2016/1xxx/CVE-2016-1854.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1854",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1855, CVE-2016-1856, and CVE-2016-1857."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-1854",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20160530 WebKitGTK+ Security Advisory WSA-2016-0004",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/538522/100/0/threaded"
},
{
"name" : "http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-341",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-341"
},
{
"name" : "https://support.apple.com/HT206564",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206564"
},
{
"name" : "https://support.apple.com/HT206565",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206565"
},
{
"name" : "https://support.apple.com/HT206568",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206568"
},
{
"name" : "APPLE-SA-2016-05-16-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html"
},
{
"name" : "APPLE-SA-2016-05-16-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html"
},
{
"name" : "APPLE-SA-2016-05-16-5",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00005.html"
},
{
"name" : "1035888",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035888"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1855, CVE-2016-1856, and CVE-2016-1857."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2016-05-16-5",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00005.html"
},
{
"name": "1035888",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035888"
},
{
"name": "http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137229/WebKitGTK-Code-Execution-Denial-Of-Service-Memory-Corruption.html"
},
{
"name": "https://support.apple.com/HT206564",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206564"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-341",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-341"
},
{
"name": "APPLE-SA-2016-05-16-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html"
},
{
"name": "https://support.apple.com/HT206565",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206565"
},
{
"name": "20160530 WebKitGTK+ Security Advisory WSA-2016-0004",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/538522/100/0/threaded"
},
{
"name": "https://support.apple.com/HT206568",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206568"
},
{
"name": "APPLE-SA-2016-05-16-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html"
}
]
}
}

180
2016/1xxx/CVE-2016-1983.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1983",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The client_host function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1983",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20160121 CVE request for Privoxy 3.0.24",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/01/21/4"
},
{
"name" : "[oss-security] 20160121 Re: CVE request for Privoxy 3.0.24",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/01/22/3"
},
{
"name" : "http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.302&r2=1.303",
"refsource" : "CONFIRM",
"url" : "http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.302&r2=1.303"
},
{
"name" : "http://www.privoxy.org/announce.txt",
"refsource" : "CONFIRM",
"url" : "http://www.privoxy.org/announce.txt"
},
{
"name" : "DSA-3460",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3460"
},
{
"name" : "FEDORA-2016-29995fbd42",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176475.html"
},
{
"name" : "FEDORA-2016-bc7acd24c6",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176492.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The client_host function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3460",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3460"
},
{
"name": "[oss-security] 20160121 Re: CVE request for Privoxy 3.0.24",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/22/3"
},
{
"name": "[oss-security] 20160121 CVE request for Privoxy 3.0.24",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/21/4"
},
{
"name": "http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.302&r2=1.303",
"refsource": "CONFIRM",
"url": "http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.302&r2=1.303"
},
{
"name": "FEDORA-2016-bc7acd24c6",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176492.html"
},
{
"name": "FEDORA-2016-29995fbd42",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176475.html"
},
{
"name": "http://www.privoxy.org/announce.txt",
"refsource": "CONFIRM",
"url": "http://www.privoxy.org/announce.txt"
}
]
}
}

160
2016/5xxx/CVE-2016-5214.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-5214",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Google Chrome prior to 55.0.2883.75 for Windows",
"version" : {
"version_data" : [
{
"version_value" : "Google Chrome prior to 55.0.2883.75 for Windows"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google Chrome prior to 55.0.2883.75 for Windows mishandled downloaded files, which allowed a remote attacker to prevent the downloaded file from receiving the Mark of the Web via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "insufficient policy enforcement"
}
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-5214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Google Chrome prior to 55.0.2883.75 for Windows",
"version": {
"version_data": [
{
"version_value": "Google Chrome prior to 55.0.2883.75 for Windows"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html",
"refsource" : "CONFIRM",
"url" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html"
},
{
"name" : "https://crbug.com/601538",
"refsource" : "CONFIRM",
"url" : "https://crbug.com/601538"
},
{
"name" : "GLSA-201612-11",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201612-11"
},
{
"name" : "RHSA-2016:2919",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2919.html"
},
{
"name" : "94633",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94633"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Chrome prior to 55.0.2883.75 for Windows mishandled downloaded files, which allowed a remote attacker to prevent the downloaded file from receiving the Mark of the Web via a crafted HTML page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:2919",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2919.html"
},
{
"name": "94633",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94633"
},
{
"name": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html"
},
{
"name": "GLSA-201612-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-11"
},
{
"name": "https://crbug.com/601538",
"refsource": "CONFIRM",
"url": "https://crbug.com/601538"
}
]
}
}

170
2016/5xxx/CVE-2016-5439.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5439",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-5439",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "RHSA-2016:1601",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1601.html"
},
{
"name" : "USN-3040-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-3040-1"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
},
{
"name" : "91969",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91969"
},
{
"name" : "1036362",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036362"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3040-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3040-1"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "RHSA-2016:1601",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1601.html"
},
{
"name": "91969",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91969"
},
{
"name": "1036362",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036362"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
}
]
}
}

150
2016/5xxx/CVE-2016-5446.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5446",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Infrastructure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-5446",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
},
{
"name" : "91998",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91998"
},
{
"name" : "1036408",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036408"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Infrastructure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036408",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036408"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "91998",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91998"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
}
]
}
}

276
2016/5xxx/CVE-2016-5933.json
View File

@ -1,140 +1,140 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-5933",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Tivoli Monitoring V6",
"version" : {
"version_data" : [
{
"version_value" : "6.2.0"
},
{
"version_value" : "6.2.1"
},
{
"version_value" : "6.2.2"
},
{
"version_value" : "6.2.3"
},
{
"version_value" : "6.3.0"
},
{
"version_value" : "6.2.3.1"
},
{
"version_value" : "6.2.3.2"
},
{
"version_value" : "6.2.3.3"
},
{
"version_value" : "6.2.3.4"
},
{
"version_value" : "6.2.3.5"
},
{
"version_value" : "6.3"
},
{
"version_value" : "6.3.0.1"
},
{
"version_value" : "6.3.0.2"
},
{
"version_value" : "6.3.0.3"
},
{
"version_value" : "6.3.0.4"
},
{
"version_value" : "6.3.1"
},
{
"version_value" : "6.3.0.5"
},
{
"version_value" : "6.3.0.6"
},
{
"version_value" : "6.2.2.2"
},
{
"version_value" : "6.2.2.3"
},
{
"version_value" : "6.2.2.4"
},
{
"version_value" : "6.2.2.5"
},
{
"version_value" : "6.2.2.6"
},
{
"version_value" : "6.2.2.7"
},
{
"version_value" : "6.2.2.8"
},
{
"version_value" : "6.2.2.9"
},
{
"version_value" : "6.3.0.7"
}
]
}
}
]
},
"vendor_name" : "IBM Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-5933",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tivoli Monitoring V6",
"version": {
"version_data": [
{
"version_value": "6.2.0"
},
{
"version_value": "6.2.1"
},
{
"version_value": "6.2.2"
},
{
"version_value": "6.2.3"
},
{
"version_value": "6.3.0"
},
{
"version_value": "6.2.3.1"
},
{
"version_value": "6.2.3.2"
},
{
"version_value": "6.2.3.3"
},
{
"version_value": "6.2.3.4"
},
{
"version_value": "6.2.3.5"
},
{
"version_value": "6.3"
},
{
"version_value": "6.3.0.1"
},
{
"version_value": "6.3.0.2"
},
{
"version_value": "6.3.0.3"
},
{
"version_value": "6.3.0.4"
},
{
"version_value": "6.3.1"
},
{
"version_value": "6.3.0.5"
},
{
"version_value": "6.3.0.6"
},
{
"version_value": "6.2.2.2"
},
{
"version_value": "6.2.2.3"
},
{
"version_value": "6.2.2.4"
},
{
"version_value": "6.2.2.5"
},
{
"version_value": "6.2.2.6"
},
{
"version_value": "6.2.2.7"
},
{
"version_value": "6.2.2.8"
},
{
"version_value": "6.2.2.9"
},
{
"version_value": "6.3.0.7"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21997223",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21997223"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21997223",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21997223"
}
]
}
}

130
2016/5xxx/CVE-2016-5975.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5975",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Web UI in the web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string, a different vulnerability than CVE-2016-5978."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-5975",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21990216",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21990216"
},
{
"name" : "93135",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93135"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Web UI in the web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string, a different vulnerability than CVE-2016-5978."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21990216",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990216"
},
{
"name": "93135",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93135"
}
]
}
}

248
2019/0xxx/CVE-2019-0006.json
View File

@ -1,126 +1,126 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "sirt@juniper.net",
"DATE_PUBLIC" : "2019-01-09T17:00:00.000Z",
"ID" : "CVE-2019-0006",
"STATE" : "PUBLIC",
"TITLE" : "Junos OS: EX, QFX and MX series: Packet Forwarding Engine manager (FXPC) process crashes due to a crafted HTTP packet in a Virtual Chassis configuration "
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Junos OS",
"version" : {
"version_data" : [
{
"affected" : "<",
"platform" : "EX Virtual Chassis Platforms, QFX Virtual Chassis Platforms",
"version_name" : "14.1X53",
"version_value" : "14.1X53-D47"
},
{
"affected" : "<",
"platform" : "EX Virtual Chassis Platforms, QFX Virtual Chassis Platforms, MX Virtual Chassis Platforms",
"version_name" : "15.1",
"version_value" : "15.1R7-S3"
},
{
"affected" : "<",
"platform" : "EX Virtual Chassis Platforms, QFX Virtual Chassis Platforms",
"version_name" : "15.1X53",
"version_value" : "15.1X53-D50"
}
]
}
}
]
},
"vendor_name" : "Juniper Networks"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms."
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability. This issue was seen in a production network where a routine security scan was performed on the device."
}
],
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-908: Use of Uninitialized Resource"
}
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2019-01-09T17:00:00.000Z",
"ID": "CVE-2019-0006",
"STATE": "PUBLIC",
"TITLE": "Junos OS: EX, QFX and MX series: Packet Forwarding Engine manager (FXPC) process crashes due to a crafted HTTP packet in a Virtual Chassis configuration "
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"affected": "<",
"platform": "EX Virtual Chassis Platforms, QFX Virtual Chassis Platforms",
"version_name": "14.1X53",
"version_value": "14.1X53-D47"
},
{
"affected": "<",
"platform": "EX Virtual Chassis Platforms, QFX Virtual Chassis Platforms, MX Virtual Chassis Platforms",
"version_name": "15.1",
"version_value": "15.1R7-S3"
},
{
"affected": "<",
"platform": "EX Virtual Chassis Platforms, QFX Virtual Chassis Platforms",
"version_name": "15.1X53",
"version_value": "15.1X53-D50"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://kb.juniper.net/JSA10906",
"refsource" : "CONFIRM",
"url" : "https://kb.juniper.net/JSA10906"
},
{
"name" : "106666",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106666"
}
]
},
"solution" : [
{
"lang" : "eng",
"value" : "The following Junos OS releases have been updated to resolve this specific issue: 14.1X53-D47, 15.1R7-S3, 16.1R1 and all subsequent releases.\n"
}
],
"source" : {
"advisory" : "JSA10906",
"defect" : [
"1351411",
"1166070"
],
"discovery" : "USER"
},
"work_around" : [
{
"lang" : "eng",
"value" : "There are no viable workarounds for this issue."
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. This issue only occurs when the crafted packet it destined to the device. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47 on EX and QFX Virtual Chassis Platforms; 15.1 versions prior to 15.1R7-S3 all Virtual Chassis Platforms 15.1X53 versions prior to 15.1X53-D50 on EX and QFX Virtual Chassis Platforms."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability. This issue was seen in a production network where a routine security scan was performed on the device."
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-908: Use of Uninitialized Resource"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106666",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106666"
},
{
"name": "https://kb.juniper.net/JSA10906",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10906"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following Junos OS releases have been updated to resolve this specific issue: 14.1X53-D47, 15.1R7-S3, 16.1R1 and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA10906",
"defect": [
"1351411",
"1166070"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "There are no viable workarounds for this issue."
}
]
}

34
2019/0xxx/CVE-2019-0220.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0220",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0220",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/0xxx/CVE-2019-0507.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0507",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0507",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

176
2019/0xxx/CVE-2019-0604.json
View File

@ -1,90 +1,90 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0604",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Microsoft SharePoint Server",
"version" : {
"version_data" : [
{
"version_value" : "2010 Service Pack 2"
},
{
"version_value" : "2019"
}
]
}
},
{
"product_name" : "Microsoft SharePoint Foundation",
"version" : {
"version_data" : [
{
"version_value" : "2013 Service Pack 1"
}
]
}
},
{
"product_name" : "Microsoft SharePoint Enterprise Server",
"version" : {
"version_data" : [
{
"version_value" : "2016"
}
]
}
}
]
},
"vendor_name" : "Microsoft"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft SharePoint Server",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2"
},
{
"version_value": "2019"
}
]
}
},
{
"product_name": "Microsoft SharePoint Foundation",
"version": {
"version_data": [
{
"version_value": "2013 Service Pack 1"
}
]
}
},
{
"product_name": "Microsoft SharePoint Enterprise Server",
"version": {
"version_data": [
{
"version_value": "2016"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0604",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0604"
},
{
"name" : "106914",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106914"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106914",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106914"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0604",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0604"
}
]
}
}

34
2019/1xxx/CVE-2019-1281.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1281",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1281",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/1xxx/CVE-2019-1321.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1321",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1321",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/1xxx/CVE-2019-1437.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1437",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1437",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/1xxx/CVE-2019-1811.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1811",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1811",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3544.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3544",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3544",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3958.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3958",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3958",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4304.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4304",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4304",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4412.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4412",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4412",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4623.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4623",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4623",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4820.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4820",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4820",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/5xxx/CVE-2019-5190.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5190",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5190",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/5xxx/CVE-2019-5353.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5353",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5353",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8469.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8469",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8469",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8597.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8597",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8597",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8967.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8967",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8967",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9277.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9277",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9277",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9292.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9292",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9292",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9727.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9727",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9727",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}