CVE-2016-2182

Published on: 09/16/2016 12:00:00 AM UTC

Last Modified on: 11/17/2021 10:15:00 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Certain versions of Icewall Federation Agent from Hp contain the following vulnerability:

The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.

  • CVE-2016-2182 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as CRITICAL severity.

CVSS3 Score: 9.8 - CRITICAL

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 7.5 - HIGH

Access
Vector
Access
Complexity
Authentication
NETWORK LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL PARTIAL PARTIAL

CVE References

Description Tags Link
[security-announce] openSUSE-SU-2016:2537-1: important: Security update for compat-openssl098 - openSUSE Security Announce - openSUSE Mailing Lists lists.opensuse.org
text/html
URL Logo SUSE openSUSE-SU-2016:2537
[security-announce] SUSE-SU-2016:2394-1: important: Security update for lists.opensuse.org
text/html
URL Logo SUSE SUSE-SU-2016:2394
git.openssl.org Git - openssl.git/commit Issue Tracking
Patch
Third Party Advisory
git.openssl.org
text/xml
URL Logo CONFIRM git.openssl.org/?p=openssl.git;a=commit;h=07bed46f332fce8c1d157689a2cdf915a982ae34
[security-announce] SUSE-SU-2016:2458-1: important: Security update for lists.opensuse.org
text/html
URL Logo SUSE SUSE-SU-2016:2458
OpenSSL 'BN_bn2dec()' Function Out of Bounds Write Denial of Service Vulnerability Third Party Advisory
VDB Entry
cve.report (archive)
text/html
URL Logo BID 92557
[security-announce] SUSE-SU-2016:2468-1: important: Security update for lists.opensuse.org
text/html
URL Logo SUSE SUSE-SU-2016:2468
Document Display | HPE Support Center support.hpe.com
text/html
URL Logo CONFIRM support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us
No Description Provided support.f5.com
text/html
URL Logo CONFIRM support.f5.com/csp/article/K01276005
Android Security Bulletin—March 2017 | Android Open Source Project source.android.com
text/html
URL Logo CONFIRM source.android.com/security/bulletin/2017-03-01.html
/news/vulnerabilities.html Vendor Advisory
www.openssl.org
text/html
URL Logo MISC www.openssl.org/news/vulnerabilities.html#y2017
Oracle Critical Patch Update - January 2018 www.oracle.com
text/html
URL Logo CONFIRM www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
Document Display | HPE Support Center h20566.www2.hpe.com
text/html
URL Logo CONFIRM h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448
Oracle Critical Patch Update - April 2018 www.oracle.com
text/html
URL Logo CONFIRM www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
USN-3087-1: OpenSSL vulnerabilities | Ubuntu www.ubuntu.com
text/html
URL Logo UBUNTU USN-3087-1
Document Display | HPE Support Center Third Party Advisory
h20566.www2.hpe.com
text/html
URL Logo CONFIRM h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448
Splunk Enterprise 6.4.5 addresses multiple vulnerabilities | Splunk Third Party Advisory
www.splunk.com
text/html
URL Logo CONFIRM www.splunk.com/view/SP-CAAAPUE
Oracle Linux Bulletin - October 2016 Third Party Advisory
www.oracle.com
text/html
URL Logo CONFIRM www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
Oracle Critical Patch Update - October 2016 Third Party Advisory
www.oracle.com
text/html
URL Logo CONFIRM www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
[security-announce] openSUSE-SU-2018:0458-1: important: Security update lists.opensuse.org
text/html
URL Logo SUSE openSUSE-SU-2018:0458
McAfee Security Bulletin: Updates fix multiple OpenSSL vulnerabilities (CVE-2016-6304, CVE-2016-2183, CVE-2016-2182, and CVE-2016-7052) Third Party Advisory
kc.mcafee.com
text/html
URL Logo CONFIRM kc.mcafee.com/corporate/index?page=content&id=SB10171
Android Multiple Flaws Let Users Deny Service, Obtain Potentially Sensitive Information, and Gain Elevated Privileges and Let Remote Users Execute Arbitrary Code - SecurityTracker www.securitytracker.com
text/html
URL Logo SECTRACK 1037968
Debian -- Security Information -- DSA-3673-1 openssl www.debian.org
Depreciated Link
text/html
URL Logo DEBIAN DSA-3673
Public KB - SA40312 - September 22 2016 OpenSSL Security Advisory Third Party Advisory
kb.pulsesecure.net
text/html
URL Logo CONFIRM kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312
[security-announce] openSUSE-SU-2016:2407-1: important: Security update lists.opensuse.org
text/html
URL Logo SUSE openSUSE-SU-2016:2407
[security-announce] SUSE-SU-2016:2469-1: important: Security update for lists.opensuse.org
text/html
URL Logo SUSE SUSE-SU-2016:2469
[security-announce] openSUSE-SU-2016:2391-1: important: Security update lists.opensuse.org
text/html
URL Logo SUSE openSUSE-SU-2016:2391
Knowledge Center kc.mcafee.com
text/html
URL Logo CONFIRM kc.mcafee.com/corporate/index?page=content&id=SB10215
OpenSSL Out-of-Bounds Write Error in BN_bn2dec() Lets Remote Users Cause the Target Application to Crash - SecurityTracker www.securitytracker.com
text/html
URL Logo SECTRACK 1036688
Security Advisory 0024 - Arista www.arista.com
text/html
URL Logo MISC www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24
Red Hat Customer Portal access.redhat.com
text/html
URL Logo REDHAT RHSA-2018:2187
Red Hat Customer Portal web.archive.org
text/html
Inactive LinkNot Archived
URL Logo REDHAT RHSA-2016:1940
[R5] Nessus 6.9 Fixes Multiple Vulnerabilities - Security Advisory | Tenable Network Security Third Party Advisory
www.tenable.com
text/html
URL Logo CONFIRM www.tenable.com/security/tns-2016-16
[security-announce] SUSE-SU-2017:2700-1: important: Security update for SLES 12-SP1 Docker image - openSUSE Security Announce - openSUSE Mailing Lists lists.opensuse.org
text/html
URL Logo SUSE SUSE-SU-2017:2700
USN-3087-2: OpenSSL regression | Ubuntu www.ubuntu.com
text/html
URL Logo UBUNTU USN-3087-2
SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016 Third Party Advisory
bto.bluecoat.com
text/html
URL Logo CONFIRM bto.bluecoat.com/security-advisory/sa132
Splunk Enterprise 6.5.1 addresses multiple OpenSSL vulnerabilities | Splunk Third Party Advisory
www.splunk.com
text/html
URL Logo CONFIRM www.splunk.com/view/SP-CAAAPSV
Red Hat Customer Portal access.redhat.com
text/html
URL Logo REDHAT RHSA-2018:2185
Oracle VM Server for x86 Bulletin - October 2016 Third Party Advisory
www.oracle.com
text/html
URL Logo CONFIRM www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
[R2] PVS 5.2.0 Fixes Multiple Third-party Library Vulnerabilities - Security Advisory | Tenable Network Security www.tenable.com
text/html
URL Logo CONFIRM www.tenable.com/security/tns-2016-20
Document Display | HPE Support Center support.hpe.com
text/html
URL Logo CONFIRM support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbhf03856en_us
Full Disclosure: Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities seclists.org
text/html
URL Logo FULLDISC 20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities
Juniper Networks - 2016-10 Security Bulletin: OpenSSL security updates Third Party Advisory
kb.juniper.net
text/html
URL Logo CONFIRM kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
[security-announce] SUSE-SU-2017:2699-1: important: Security update for lists.opensuse.org
text/html
URL Logo SUSE SUSE-SU-2017:2699
Red Hat Customer Portal access.redhat.com
text/html
URL Logo REDHAT RHSA-2018:2186
Android Security Bulletin—March 2017  |  Android Open Source Project source.android.com
text/html
URL Logo CONFIRM source.android.com/security/bulletin/2017-03-01
Security Advisory - Sixteen OpenSSL Vulnerabilities on Some Huawei products www.huawei.com
text/html
URL Logo CONFIRM www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en
[security-announce] SUSE-SU-2016:2387-1: important: Security update for lists.opensuse.org
text/html
URL Logo SUSE SUSE-SU-2016:2387
IBM Security Bulletin: Vulnerabilities in OpenSSL, OpenVPN and GNU glibc affect IBM Security Virtual Server Protection for VMware - United States Third Party Advisory
web.archive.org
text/html
Inactive LinkNot Archived
URL Logo CONFIRM www-01.ibm.com/support/docview.wss?uid=swg21995039
Oracle Critical Patch Update - July 2017 www.oracle.com
text/html
URL Logo CONFIRM www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
[R1] LCE 4.8.2 Fixes Multiple Third-party Library Vulnerabilities - Security Advisory | Tenable Network Security www.tenable.com
text/html
URL Logo CONFIRM www.tenable.com/security/tns-2016-21
Oracle Critical Patch Update - October 2017 www.oracle.com
text/html
URL Logo CONFIRM www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
security.FreeBSD.org
text/plain
URL Logo FREEBSD FreeBSD-SA-16:26

Related QID Numbers

  • 390226 Oracle Managed Virtualization (VM) Server for x86 Security Update for Open Secure Sockets Layer (OpenSSL) (OVMSA-2021-0011)
  • 730310 Splunk Enterprise and Light Denial of Service (DoS) Vulnerability (SP-CAAAPSV) (SPL-129207)

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationHpIcewall Federation Agent3.0AllAllAll
ApplicationHpIcewall Federation Agent3.0AllAllAll
ApplicationHpIcewall Mcrp3.0AllAllAll
ApplicationHpIcewall Mcrp3.0AllAllAll
ApplicationHpIcewall Sso10.0AllAllAll
ApplicationHpIcewall Sso10.0AllAllAll
ApplicationHpIcewall Sso10.0AllAllAll
ApplicationHpIcewall Sso10.0AllAllAll
ApplicationHpIcewall Sso Agent Option10.0AllAllAll
ApplicationHpIcewall Sso Agent Option10.0AllAllAll
ApplicationOpensslOpenssl1.0.1AllAllAll
ApplicationOpensslOpenssl1.0.1aAllAllAll
ApplicationOpensslOpenssl1.0.1bAllAllAll
ApplicationOpensslOpenssl1.0.1cAllAllAll
ApplicationOpensslOpenssl1.0.1dAllAllAll
ApplicationOpensslOpenssl1.0.1eAllAllAll
ApplicationOpensslOpenssl1.0.1fAllAllAll
ApplicationOpensslOpenssl1.0.1gAllAllAll
ApplicationOpensslOpenssl1.0.1hAllAllAll
ApplicationOpensslOpenssl1.0.1iAllAllAll
ApplicationOpensslOpenssl1.0.1jAllAllAll
ApplicationOpensslOpenssl1.0.1kAllAllAll
ApplicationOpensslOpenssl1.0.1lAllAllAll
ApplicationOpensslOpenssl1.0.1mAllAllAll
ApplicationOpensslOpenssl1.0.1nAllAllAll
ApplicationOpensslOpenssl1.0.1oAllAllAll
ApplicationOpensslOpenssl1.0.1pAllAllAll
ApplicationOpensslOpenssl1.0.1qAllAllAll
ApplicationOpensslOpenssl1.0.1rAllAllAll
ApplicationOpensslOpenssl1.0.1sAllAllAll
ApplicationOpensslOpenssl1.0.1tAllAllAll
ApplicationOpensslOpenssl1.0.2AllAllAll
ApplicationOpensslOpenssl1.0.2aAllAllAll
ApplicationOpensslOpenssl1.0.2bAllAllAll
ApplicationOpensslOpenssl1.0.2cAllAllAll
ApplicationOpensslOpenssl1.0.2dAllAllAll
ApplicationOpensslOpenssl1.0.2eAllAllAll
ApplicationOpensslOpenssl1.0.2fAllAllAll
ApplicationOpensslOpenssl1.0.2gAllAllAll
ApplicationOpensslOpenssl1.0.2hAllAllAll
ApplicationOpensslOpenssl1.0.1AllAllAll
ApplicationOpensslOpenssl1.0.1aAllAllAll
ApplicationOpensslOpenssl1.0.1bAllAllAll
ApplicationOpensslOpenssl1.0.1cAllAllAll
ApplicationOpensslOpenssl1.0.1dAllAllAll
ApplicationOpensslOpenssl1.0.1eAllAllAll
ApplicationOpensslOpenssl1.0.1fAllAllAll
ApplicationOpensslOpenssl1.0.1gAllAllAll
ApplicationOpensslOpenssl1.0.1hAllAllAll
ApplicationOpensslOpenssl1.0.1iAllAllAll
ApplicationOpensslOpenssl1.0.1jAllAllAll
ApplicationOpensslOpenssl1.0.1kAllAllAll
ApplicationOpensslOpenssl1.0.1lAllAllAll
ApplicationOpensslOpenssl1.0.1mAllAllAll
ApplicationOpensslOpenssl1.0.1nAllAllAll
ApplicationOpensslOpenssl1.0.1oAllAllAll
ApplicationOpensslOpenssl1.0.1pAllAllAll
ApplicationOpensslOpenssl1.0.1qAllAllAll
ApplicationOpensslOpenssl1.0.1rAllAllAll
ApplicationOpensslOpenssl1.0.1sAllAllAll
ApplicationOpensslOpenssl1.0.1tAllAllAll
ApplicationOpensslOpenssl1.0.2AllAllAll
ApplicationOpensslOpenssl1.0.2aAllAllAll
ApplicationOpensslOpenssl1.0.2bAllAllAll
ApplicationOpensslOpenssl1.0.2cAllAllAll
ApplicationOpensslOpenssl1.0.2dAllAllAll
ApplicationOpensslOpenssl1.0.2eAllAllAll
ApplicationOpensslOpenssl1.0.2fAllAllAll
ApplicationOpensslOpenssl1.0.2gAllAllAll
ApplicationOpensslOpenssl1.0.2hAllAllAll
Operating
System
OracleLinux5AllAllAll
Operating
System
OracleLinux6AllAllAll
Operating
System
OracleLinux7AllAllAll
Operating
System
OracleLinux5AllAllAll
Operating
System
OracleLinux6AllAllAll
Operating
System
OracleLinux7AllAllAll
  • cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:hp:icewall_mcrp:3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:hp:icewall_mcrp:3.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:certd:*:*:*:
  • cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:dfw:*:*:*:
  • cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:certd:*:*:*:
  • cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:dfw:*:*:*:
  • cpe:2.3:a:hp:icewall_sso_agent_option:10.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:hp:icewall_sso_agent_option:10.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*:
  • cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*:
  • cpe:2.3:o:oracle:linux:5:*:*:*:*:*:*:*:
  • cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*:
  • cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*:
  • cpe:2.3:o:oracle:linux:5:*:*:*:*:*:*:*:
  • cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*:
  • cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*:
© CVE.report 2022 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report