diff --git a/2007/0xxx/CVE-2007-0077.json b/2007/0xxx/CVE-2007-0077.json index 15662fd32bf..d48d121fdd2 100644 --- a/2007/0xxx/CVE-2007-0077.json +++ b/2007/0xxx/CVE-2007-0077.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0077", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "lblog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for a certain file in admin/db/newFolder/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0077", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070102 lblog Remote Password Disclosure", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/455681/100/0/threaded" - }, - { - "name" : "http://www.aria-security.com/forum/showthread.php?t=79", - "refsource" : "MISC", - "url" : "http://www.aria-security.com/forum/showthread.php?t=79" - }, - { - "name" : "33367", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33367" - }, - { - "name" : "1017462", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017462" - }, - { - "name" : "2098", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2098" - }, - { - "name" : "lblog-newfolder-information-disclosure(31229)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31229" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "lblog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for a certain file in admin/db/newFolder/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "lblog-newfolder-information-disclosure(31229)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31229" + }, + { + "name": "2098", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2098" + }, + { + "name": "20070102 lblog Remote Password Disclosure", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/455681/100/0/threaded" + }, + { + "name": "1017462", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017462" + }, + { + "name": "33367", + "refsource": "OSVDB", + "url": "http://osvdb.org/33367" + }, + { + "name": "http://www.aria-security.com/forum/showthread.php?t=79", + "refsource": "MISC", + "url": "http://www.aria-security.com/forum/showthread.php?t=79" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0383.json b/2007/0xxx/CVE-2007-0383.json index a4957aa1b8e..00c476c37a5 100644 --- a/2007/0xxx/CVE-2007-0383.json +++ b/2007/0xxx/CVE-2007-0383.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0383", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** WDaemon 9.5.4 allows remote attackers to access the /WorldClient.dll URI on TCP port 3000, which has unknown impact. NOTE: The researcher reports that the vendor response was \"this is not a security bug.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0383", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070118 The vulnerabilities festival !", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html" - }, - { - "name" : "http://www.hackers.ir/advisories/festival.txt", - "refsource" : "MISC", - "url" : "http://www.hackers.ir/advisories/festival.txt" - }, - { - "name" : "34661", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34661" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** WDaemon 9.5.4 allows remote attackers to access the /WorldClient.dll URI on TCP port 3000, which has unknown impact. NOTE: The researcher reports that the vendor response was \"this is not a security bug.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070118 The vulnerabilities festival !", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html" + }, + { + "name": "34661", + "refsource": "OSVDB", + "url": "http://osvdb.org/34661" + }, + { + "name": "http://www.hackers.ir/advisories/festival.txt", + "refsource": "MISC", + "url": "http://www.hackers.ir/advisories/festival.txt" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0428.json b/2007/0xxx/CVE-2007-0428.json index 987787f45ea..594b2f5746f 100644 --- a/2007/0xxx/CVE-2007-0428.json +++ b/2007/0xxx/CVE-2007-0428.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0428", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the chtbl_lookup function in hash.c for WzdFTPD 8.0 and earlier allows remote attackers to cause a denial of service via a crafted FTP command, probably due to a NULL pointer dereference." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0428", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070119 WzdFTPD < 8.1 Denial of service", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457454/100/0/threaded" - }, - { - "name" : "20070119 WzdFTPD < 8.1 Denial of service", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051896.html" - }, - { - "name" : "http://www.s21sec.com/avisos/s21sec-033-en.txt", - "refsource" : "MISC", - "url" : "http://www.s21sec.com/avisos/s21sec-033-en.txt" - }, - { - "name" : "ADV-2007-0277", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0277" - }, - { - "name" : "32941", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32941" - }, - { - "name" : "1017537", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017537" - }, - { - "name" : "23852", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23852" - }, - { - "name" : "2171", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2171" - }, - { - "name" : "wzdftpd-ftp-dos(31599)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31599" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the chtbl_lookup function in hash.c for WzdFTPD 8.0 and earlier allows remote attackers to cause a denial of service via a crafted FTP command, probably due to a NULL pointer dereference." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23852", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23852" + }, + { + "name": "http://www.s21sec.com/avisos/s21sec-033-en.txt", + "refsource": "MISC", + "url": "http://www.s21sec.com/avisos/s21sec-033-en.txt" + }, + { + "name": "wzdftpd-ftp-dos(31599)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31599" + }, + { + "name": "2171", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2171" + }, + { + "name": "ADV-2007-0277", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0277" + }, + { + "name": "32941", + "refsource": "OSVDB", + "url": "http://osvdb.org/32941" + }, + { + "name": "1017537", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017537" + }, + { + "name": "20070119 WzdFTPD < 8.1 Denial of service", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051896.html" + }, + { + "name": "20070119 WzdFTPD < 8.1 Denial of service", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457454/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0685.json b/2007/0xxx/CVE-2007-0685.json index 74f10957938..9529f50f78d 100644 --- a/2007/0xxx/CVE-2007-0685.json +++ b/2007/0xxx/CVE-2007-0685.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0685", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Internet Explorer on Windows Mobile 5.0 and Windows Mobile 2003 and 2003SE for Smartphones and PocketPC allows attackers to cause a denial of service (application crash and device instability) via unspecified vectors, possibly related to a buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0685", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.trendmicro.com/trend-micro-finds-more-windows-mobile-flaws/", - "refsource" : "MISC", - "url" : "http://blog.trendmicro.com/trend-micro-finds-more-windows-mobile-flaws/" - }, - { - "name" : "22343", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22343" - }, - { - "name" : "ADV-2007-0434", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0434" - }, - { - "name" : "36149", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36149" - }, - { - "name" : "ie-mobile-unspecified-dos(32001)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32001" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Internet Explorer on Windows Mobile 5.0 and Windows Mobile 2003 and 2003SE for Smartphones and PocketPC allows attackers to cause a denial of service (application crash and device instability) via unspecified vectors, possibly related to a buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36149", + "refsource": "OSVDB", + "url": "http://osvdb.org/36149" + }, + { + "name": "ie-mobile-unspecified-dos(32001)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32001" + }, + { + "name": "ADV-2007-0434", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0434" + }, + { + "name": "22343", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22343" + }, + { + "name": "http://blog.trendmicro.com/trend-micro-finds-more-windows-mobile-flaws/", + "refsource": "MISC", + "url": "http://blog.trendmicro.com/trend-micro-finds-more-windows-mobile-flaws/" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0802.json b/2007/0xxx/CVE-2007-0802.json index 80817976bdb..550ce7e294c 100644 --- a/2007/0xxx/CVE-2007-0802.json +++ b/2007/0xxx/CVE-2007-0802.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0802", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing Protection mechanism by adding certain characters to the end of the domain name, as demonstrated by the \".\" and \"/\" characters, which is not caught by the Phishing List blacklist filter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0802", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070206 Firefox 2.0.0.1 and Opera 9.10 Anty Fraud/Phishing Protection bypass.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459265/100/0/threaded" - }, - { - "name" : "20070418 Firefox 2.0.0.3 Phishing Protection Bypass Vulnerability", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0516.html" - }, - { - "name" : "http://kaneda.bohater.net/security/20070111-firefox_2.0.0.1_bypass_phishing_protection.php", - "refsource" : "MISC", - "url" : "http://kaneda.bohater.net/security/20070111-firefox_2.0.0.1_bypass_phishing_protection.php" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=367538", - "refsource" : "MISC", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=367538" - }, - { - "name" : "33705", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33705" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing Protection mechanism by adding certain characters to the end of the domain name, as demonstrated by the \".\" and \"/\" characters, which is not caught by the Phishing List blacklist filter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070206 Firefox 2.0.0.1 and Opera 9.10 Anty Fraud/Phishing Protection bypass.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459265/100/0/threaded" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=367538", + "refsource": "MISC", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=367538" + }, + { + "name": "33705", + "refsource": "OSVDB", + "url": "http://osvdb.org/33705" + }, + { + "name": "20070418 Firefox 2.0.0.3 Phishing Protection Bypass Vulnerability", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0516.html" + }, + { + "name": "http://kaneda.bohater.net/security/20070111-firefox_2.0.0.1_bypass_phishing_protection.php", + "refsource": "MISC", + "url": "http://kaneda.bohater.net/security/20070111-firefox_2.0.0.1_bypass_phishing_protection.php" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3388.json b/2007/3xxx/CVE-2007-3388.json index 25f6c9e0a8f..7f2d60102b9 100644 --- a/2007/3xxx/CVE-2007-3388.json +++ b/2007/3xxx/CVE-2007-3388.json @@ -1,237 +1,237 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3388", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifiers in text used to compose an error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-3388", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070803 FLEA-2007-0042-1 qt", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475480/30/5550/threaded" - }, - { - "name" : "http://dist.trolltech.com/developer/download/170529.diff", - "refsource" : "CONFIRM", - "url" : "http://dist.trolltech.com/developer/download/170529.diff" - }, - { - "name" : "http://trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960", - "refsource" : "CONFIRM", - "url" : "http://trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1597", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1597" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-388.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-388.htm" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=185446", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=185446" - }, - { - "name" : "DSA-1426", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1426" - }, - { - "name" : "FEDORA-2007-2216", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/updates/FEDORA-2007-221.shtml" - }, - { - "name" : "FEDORA-2007-703", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/updates/FEDORA-2007-703.shtml" - }, - { - "name" : "GLSA-200708-16", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200708-16.xml" - }, - { - "name" : "GLSA-200710-28", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-28.xml" - }, - { - "name" : "GLSA-200712-08", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200712-08.xml" - }, - { - "name" : "MDKSA-2007:151", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:151" - }, - { - "name" : "RHSA-2007:0721", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0721.html" - }, - { - "name" : "20070801-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc" - }, - { - "name" : "SSA:2007-222-03", - "refsource" : "SLACKWARE", - "url" : "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.354168" - }, - { - "name" : "SUSE-SA:2007:048", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_48_qt3.html" - }, - { - "name" : "USN-495-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-495-1" - }, - { - "name" : "25154", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25154" - }, - { - "name" : "oval:org.mitre.oval:def:9690", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9690" - }, - { - "name" : "ADV-2007-2733", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2733" - }, - { - "name" : "1018485", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018485" - }, - { - "name" : "26295", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26295" - }, - { - "name" : "26298", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26298" - }, - { - "name" : "26264", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26264" - }, - { - "name" : "26284", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26284" - }, - { - "name" : "26291", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26291" - }, - { - "name" : "26306", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26306" - }, - { - "name" : "26385", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26385" - }, - { - "name" : "24460", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24460" - }, - { - "name" : "26607", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26607" - }, - { - "name" : "26852", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26852" - }, - { - "name" : "26804", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26804" - }, - { - "name" : "26882", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26882" - }, - { - "name" : "27996", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27996" - }, - { - "name" : "28021", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28021" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifiers in text used to compose an error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://issues.rpath.com/browse/RPL-1597", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1597" + }, + { + "name": "1018485", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018485" + }, + { + "name": "26385", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26385" + }, + { + "name": "http://trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960", + "refsource": "CONFIRM", + "url": "http://trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960" + }, + { + "name": "26298", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26298" + }, + { + "name": "GLSA-200710-28", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-28.xml" + }, + { + "name": "USN-495-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-495-1" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-388.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-388.htm" + }, + { + "name": "ADV-2007-2733", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2733" + }, + { + "name": "SUSE-SA:2007:048", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_48_qt3.html" + }, + { + "name": "26284", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26284" + }, + { + "name": "MDKSA-2007:151", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:151" + }, + { + "name": "27996", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27996" + }, + { + "name": "http://dist.trolltech.com/developer/download/170529.diff", + "refsource": "CONFIRM", + "url": "http://dist.trolltech.com/developer/download/170529.diff" + }, + { + "name": "26882", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26882" + }, + { + "name": "26607", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26607" + }, + { + "name": "26264", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26264" + }, + { + "name": "GLSA-200708-16", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-16.xml" + }, + { + "name": "26291", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26291" + }, + { + "name": "24460", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24460" + }, + { + "name": "26306", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26306" + }, + { + "name": "26804", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26804" + }, + { + "name": "25154", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25154" + }, + { + "name": "20070803 FLEA-2007-0042-1 qt", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475480/30/5550/threaded" + }, + { + "name": "26852", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26852" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=185446", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=185446" + }, + { + "name": "FEDORA-2007-703", + "refsource": "FEDORA", + "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml" + }, + { + "name": "FEDORA-2007-2216", + "refsource": "FEDORA", + "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml" + }, + { + "name": "20070801-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc" + }, + { + "name": "GLSA-200712-08", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml" + }, + { + "name": "28021", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28021" + }, + { + "name": "RHSA-2007:0721", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0721.html" + }, + { + "name": "oval:org.mitre.oval:def:9690", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9690" + }, + { + "name": "26295", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26295" + }, + { + "name": "SSA:2007-222-03", + "refsource": "SLACKWARE", + "url": "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.354168" + }, + { + "name": "DSA-1426", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1426" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3793.json b/2007/3xxx/CVE-2007-3793.json index 5b225b70b7c..7de7845828b 100644 --- a/2007/3xxx/CVE-2007-3793.json +++ b/2007/3xxx/CVE-2007-3793.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3793", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Job Management Partner 1/NETM/DM (JP1/NETM/DM) Manager on Windows before 20070413 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3793", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-019_e/index-e.html", - "refsource" : "CONFIRM", - "url" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-019_e/index-e.html" - }, - { - "name" : "24903", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24903" - }, - { - "name" : "ADV-2007-2535", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2535" - }, - { - "name" : "37014", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37014" - }, - { - "name" : "26052", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26052" - }, - { - "name" : "hitachi-jp1netmdm-unspecified-sql-injection(35386)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35386" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Job Management Partner 1/NETM/DM (JP1/NETM/DM) Manager on Windows before 20070413 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "hitachi-jp1netmdm-unspecified-sql-injection(35386)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35386" + }, + { + "name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-019_e/index-e.html", + "refsource": "CONFIRM", + "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-019_e/index-e.html" + }, + { + "name": "26052", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26052" + }, + { + "name": "24903", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24903" + }, + { + "name": "37014", + "refsource": "OSVDB", + "url": "http://osvdb.org/37014" + }, + { + "name": "ADV-2007-2535", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2535" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3909.json b/2007/3xxx/CVE-2007-3909.json index 0e2e941ac02..e59a3f4a931 100644 --- a/2007/3xxx/CVE-2007-3909.json +++ b/2007/3xxx/CVE-2007-3909.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3909", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Bandersnatch 0.4 allow remote attackers to execute arbitrary SQL commands via the (1) date and (2) limit parameters to index.php, and other unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3909", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.portcullis-security.com/uplds/advisories/Bandersnatch%20-%2007-006.txt", - "refsource" : "MISC", - "url" : "http://www.portcullis-security.com/uplds/advisories/Bandersnatch%20-%2007-006.txt" - }, - { - "name" : "25094", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25094" - }, - { - "name" : "38268", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/38268" - }, - { - "name" : "26202", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26202" - }, - { - "name" : "bandersnatch-index-sql-injection(35406)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35406" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Bandersnatch 0.4 allow remote attackers to execute arbitrary SQL commands via the (1) date and (2) limit parameters to index.php, and other unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26202", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26202" + }, + { + "name": "25094", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25094" + }, + { + "name": "bandersnatch-index-sql-injection(35406)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35406" + }, + { + "name": "38268", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/38268" + }, + { + "name": "http://www.portcullis-security.com/uplds/advisories/Bandersnatch%20-%2007-006.txt", + "refsource": "MISC", + "url": "http://www.portcullis-security.com/uplds/advisories/Bandersnatch%20-%2007-006.txt" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4118.json b/2007/4xxx/CVE-2007-4118.json index 552a07ab23f..00484857a56 100644 --- a/2007/4xxx/CVE-2007-4118.json +++ b/2007/4xxx/CVE-2007-4118.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4118", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in includes/functions.inc.php in phpVoter 0.6 allows remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4118", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070730 phpVoter v0.6 Remote File Include Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475100/100/0/threaded" - }, - { - "name" : "39030", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39030" - }, - { - "name" : "2939", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2939" - }, - { - "name" : "phpvoter-functions-file-include(35691)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35691" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in includes/functions.inc.php in phpVoter 0.6 allows remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2939", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2939" + }, + { + "name": "39030", + "refsource": "OSVDB", + "url": "http://osvdb.org/39030" + }, + { + "name": "phpvoter-functions-file-include(35691)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35691" + }, + { + "name": "20070730 phpVoter v0.6 Remote File Include Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475100/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4496.json b/2007/4xxx/CVE-2007-4496.json index cc3e77f2013..4c96c214ca2 100644 --- a/2007/4xxx/CVE-2007-4496.json +++ b/2007/4xxx/CVE-2007-4496.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4496", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly execute arbitrary code on the host operating system via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4496", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html" - }, - { - "name" : "http://www.vmware.com/support/ace/doc/releasenotes_ace.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ace/doc/releasenotes_ace.html" - }, - { - "name" : "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html" - }, - { - "name" : "http://www.vmware.com/support/player/doc/releasenotes_player.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/player/doc/releasenotes_player.html" - }, - { - "name" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" - }, - { - "name" : "http://www.vmware.com/support/server/doc/releasenotes_server.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/server/doc/releasenotes_server.html" - }, - { - "name" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" - }, - { - "name" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" - }, - { - "name" : "GLSA-200711-23", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200711-23.xml" - }, - { - "name" : "USN-543-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-543-1" - }, - { - "name" : "25728", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25728" - }, - { - "name" : "ADV-2007-3229", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3229" - }, - { - "name" : "1018718", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018718" - }, - { - "name" : "26890", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26890" - }, - { - "name" : "27694", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27694" - }, - { - "name" : "27706", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27706" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly execute arbitrary code on the host operating system via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html" + }, + { + "name": "GLSA-200711-23", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml" + }, + { + "name": "USN-543-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-543-1" + }, + { + "name": "ADV-2007-3229", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3229" + }, + { + "name": "27694", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27694" + }, + { + "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" + }, + { + "name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html" + }, + { + "name": "25728", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25728" + }, + { + "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" + }, + { + "name": "26890", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26890" + }, + { + "name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html" + }, + { + "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" + }, + { + "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" + }, + { + "name": "27706", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27706" + }, + { + "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" + }, + { + "name": "1018718", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018718" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4536.json b/2007/4xxx/CVE-2007-4536.json index 7b95121cd09..037b7c1cdb8 100644 --- a/2007/4xxx/CVE-2007-4536.json +++ b/2007/4xxx/CVE-2007-4536.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4536", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "TorrentTrader 1.07 and earlier sets insecure permissions for files in the root directory, which allows attackers to execute arbitrary PHP code by modifying (1) disclaimer.txt, (2) sponsors.txt, and (3) banners.txt, which are used in an include call. NOTE: there might be local attack vectors that extend to other files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4536", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.torrenttrader.org/index.php?showtopic=5843", - "refsource" : "CONFIRM", - "url" : "http://www.torrenttrader.org/index.php?showtopic=5843" - }, - { - "name" : "20070824 uh-oh: local file inclusion from insecure permissions", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-August/001774.html" - }, - { - "name" : "25536", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25536" - }, - { - "name" : "40257", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40257" - }, - { - "name" : "26679", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26679" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "TorrentTrader 1.07 and earlier sets insecure permissions for files in the root directory, which allows attackers to execute arbitrary PHP code by modifying (1) disclaimer.txt, (2) sponsors.txt, and (3) banners.txt, which are used in an include call. NOTE: there might be local attack vectors that extend to other files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "40257", + "refsource": "OSVDB", + "url": "http://osvdb.org/40257" + }, + { + "name": "http://www.torrenttrader.org/index.php?showtopic=5843", + "refsource": "CONFIRM", + "url": "http://www.torrenttrader.org/index.php?showtopic=5843" + }, + { + "name": "26679", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26679" + }, + { + "name": "25536", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25536" + }, + { + "name": "20070824 uh-oh: local file inclusion from insecure permissions", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-August/001774.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4744.json b/2007/4xxx/CVE-2007-4744.json index 3b274707b6e..c48635ba654 100644 --- a/2007/4xxx/CVE-2007-4744.json +++ b/2007/4xxx/CVE-2007-4744.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4744", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in environment.php in AnyInventory 1.9.1 and 2.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DIR_PREFIX parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4744", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4365", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4365" - }, - { - "name" : "25550", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25550" - }, - { - "name" : "36846", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/36846" - }, - { - "name" : "26696", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26696" - }, - { - "name" : "anyinventory-environment-file-include(36436)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36436" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in environment.php in AnyInventory 1.9.1 and 2.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DIR_PREFIX parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4365", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4365" + }, + { + "name": "25550", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25550" + }, + { + "name": "26696", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26696" + }, + { + "name": "36846", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/36846" + }, + { + "name": "anyinventory-environment-file-include(36436)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36436" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4771.json b/2007/4xxx/CVE-2007-4771.json index 28124d1b301..0ca0c0b1700 100644 --- a/2007/4xxx/CVE-2007-4771.json +++ b/2007/4xxx/CVE-2007-4771.json @@ -1,257 +1,257 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4771", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4771", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080206 rPSA-2008-0043-1 icu", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/487677/100/0/threaded" - }, - { - "name" : "[icu-support] 20080122 ICU Patch for bugs in Regular Expressions", - "refsource" : "MLIST", - "url" : "http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=429025", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=429025" - }, - { - "name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-2199", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-2199" - }, - { - "name" : "http://www.openoffice.org/security/cves/CVE-2007-4770.html", - "refsource" : "CONFIRM", - "url" : "http://www.openoffice.org/security/cves/CVE-2007-4770.html" - }, - { - "name" : "http://www.openoffice.org/security/cves/CVE-2007-5745.html", - "refsource" : "CONFIRM", - "url" : "http://www.openoffice.org/security/cves/CVE-2007-5745.html" - }, - { - "name" : "DSA-1511", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1511" - }, - { - "name" : "FEDORA-2008-1036", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html" - }, - { - "name" : "FEDORA-2008-1076", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html" - }, - { - "name" : "GLSA-200803-20", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200803-20.xml" - }, - { - "name" : "GLSA-200805-16", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200805-16.xml" - }, - { - "name" : "MDVSA-2008:026", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:026" - }, - { - "name" : "RHSA-2008:0090", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2008-0090.html" - }, - { - "name" : "233922", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1" - }, - { - "name" : "231641", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1" - }, - { - "name" : "SUSE-SR:2008:005", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" - }, - { - "name" : "SUSE-SA:2008:023", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2008_23_openoffice.html" - }, - { - "name" : "USN-591-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-591-1" - }, - { - "name" : "27455", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27455" - }, - { - "name" : "oval:org.mitre.oval:def:10507", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10507" - }, - { - "name" : "ADV-2008-0282", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0282" - }, - { - "name" : "ADV-2008-0807", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0807/references" - }, - { - "name" : "ADV-2008-1375", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1375/references" - }, - { - "name" : "oval:org.mitre.oval:def:5431", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5431" - }, - { - "name" : "1019269", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019269" - }, - { - "name" : "28575", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28575" - }, - { - "name" : "28615", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28615" - }, - { - "name" : "28669", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28669" - }, - { - "name" : "28783", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28783" - }, - { - "name" : "29194", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29194" - }, - { - "name" : "29242", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29242" - }, - { - "name" : "29291", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29291" - }, - { - "name" : "29333", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29333" - }, - { - "name" : "29294", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29294" - }, - { - "name" : "29852", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29852" - }, - { - "name" : "29910", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29910" - }, - { - "name" : "29987", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29987" - }, - { - "name" : "30179", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30179" - }, - { - "name" : "libicu-dointerval-bo(39936)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39936" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have unspecified other impact via a regular expression that writes a large amount of data to the backtracking stack. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "libicu-dointerval-bo(39936)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39936" + }, + { + "name": "233922", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1" + }, + { + "name": "28615", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28615" + }, + { + "name": "29852", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29852" + }, + { + "name": "28783", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28783" + }, + { + "name": "29291", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29291" + }, + { + "name": "SUSE-SA:2008:023", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2008_23_openoffice.html" + }, + { + "name": "29242", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29242" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=429025", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=429025" + }, + { + "name": "1019269", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019269" + }, + { + "name": "GLSA-200805-16", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200805-16.xml" + }, + { + "name": "29987", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29987" + }, + { + "name": "SUSE-SR:2008:005", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" + }, + { + "name": "27455", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27455" + }, + { + "name": "oval:org.mitre.oval:def:10507", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10507" + }, + { + "name": "29294", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29294" + }, + { + "name": "http://www.openoffice.org/security/cves/CVE-2007-4770.html", + "refsource": "CONFIRM", + "url": "http://www.openoffice.org/security/cves/CVE-2007-4770.html" + }, + { + "name": "GLSA-200803-20", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200803-20.xml" + }, + { + "name": "DSA-1511", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1511" + }, + { + "name": "oval:org.mitre.oval:def:5431", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5431" + }, + { + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0043" + }, + { + "name": "RHSA-2008:0090", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2008-0090.html" + }, + { + "name": "29333", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29333" + }, + { + "name": "https://issues.rpath.com/browse/RPL-2199", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-2199" + }, + { + "name": "USN-591-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-591-1" + }, + { + "name": "MDVSA-2008:026", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:026" + }, + { + "name": "231641", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1" + }, + { + "name": "ADV-2008-1375", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1375/references" + }, + { + "name": "29194", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29194" + }, + { + "name": "30179", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30179" + }, + { + "name": "FEDORA-2008-1076", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html" + }, + { + "name": "http://www.openoffice.org/security/cves/CVE-2007-5745.html", + "refsource": "CONFIRM", + "url": "http://www.openoffice.org/security/cves/CVE-2007-5745.html" + }, + { + "name": "28575", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28575" + }, + { + "name": "20080206 rPSA-2008-0043-1 icu", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/487677/100/0/threaded" + }, + { + "name": "[icu-support] 20080122 ICU Patch for bugs in Regular Expressions", + "refsource": "MLIST", + "url": "http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com" + }, + { + "name": "28669", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28669" + }, + { + "name": "ADV-2008-0807", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0807/references" + }, + { + "name": "29910", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29910" + }, + { + "name": "FEDORA-2008-1036", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html" + }, + { + "name": "ADV-2008-0282", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0282" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6424.json b/2007/6xxx/CVE-2007-6424.json index 1835ff220c6..16c06735c96 100644 --- a/2007/6xxx/CVE-2007-6424.json +++ b/2007/6xxx/CVE-2007-6424.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6424", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands from a remote web site without sufficiently validating the origin of the commands, which allows remote attackers to disable trixbox and execute arbitrary commands via a DNS spoofing attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6424", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[VOIPSEC] 20071216 Trixbox Arbitrary Command Execution Vulnerability", - "refsource" : "MLIST", - "url" : "http://voipsa.org/pipermail/voipsec_voipsa.org/2007-December/002522.html" - }, - { - "name" : "[VOIPSEC] 20071219 trixbox vulnerability fluff", - "refsource" : "MLIST", - "url" : "http://voipsa.org/pipermail/voipsec_voipsa.org/2007-December/002533.html" - }, - { - "name" : "[VOIPSEC] 20071219 trixbox vuln (CVE-2007-6424) - PoC exploit code", - "refsource" : "MLIST", - "url" : "http://voipsa.org/pipermail/voipsec_voipsa.org/2007-December/002528.html" - }, - { - "name" : "http://voipsa.org/blog/2007/12/17/trixbox-contains-phone-home-code-to-retrieve-arbitrary-commands-to-execute/", - "refsource" : "MISC", - "url" : "http://voipsa.org/blog/2007/12/17/trixbox-contains-phone-home-code-to-retrieve-arbitrary-commands-to-execute/" - }, - { - "name" : "http://www.superunknown.org/pivot/entry.php?id=15", - "refsource" : "MISC", - "url" : "http://www.superunknown.org/pivot/entry.php?id=15" - }, - { - "name" : "http://www.trixbox.org/forums/trixbox-forums/open-discussion/trixbox-phones-home", - "refsource" : "MISC", - "url" : "http://www.trixbox.org/forums/trixbox-forums/open-discussion/trixbox-phones-home" - }, - { - "name" : "44136", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/44136" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands from a remote web site without sufficiently validating the origin of the commands, which allows remote attackers to disable trixbox and execute arbitrary commands via a DNS spoofing attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[VOIPSEC] 20071219 trixbox vuln (CVE-2007-6424) - PoC exploit code", + "refsource": "MLIST", + "url": "http://voipsa.org/pipermail/voipsec_voipsa.org/2007-December/002528.html" + }, + { + "name": "[VOIPSEC] 20071216 Trixbox Arbitrary Command Execution Vulnerability", + "refsource": "MLIST", + "url": "http://voipsa.org/pipermail/voipsec_voipsa.org/2007-December/002522.html" + }, + { + "name": "[VOIPSEC] 20071219 trixbox vulnerability fluff", + "refsource": "MLIST", + "url": "http://voipsa.org/pipermail/voipsec_voipsa.org/2007-December/002533.html" + }, + { + "name": "http://www.trixbox.org/forums/trixbox-forums/open-discussion/trixbox-phones-home", + "refsource": "MISC", + "url": "http://www.trixbox.org/forums/trixbox-forums/open-discussion/trixbox-phones-home" + }, + { + "name": "http://voipsa.org/blog/2007/12/17/trixbox-contains-phone-home-code-to-retrieve-arbitrary-commands-to-execute/", + "refsource": "MISC", + "url": "http://voipsa.org/blog/2007/12/17/trixbox-contains-phone-home-code-to-retrieve-arbitrary-commands-to-execute/" + }, + { + "name": "44136", + "refsource": "OSVDB", + "url": "http://osvdb.org/44136" + }, + { + "name": "http://www.superunknown.org/pivot/entry.php?id=15", + "refsource": "MISC", + "url": "http://www.superunknown.org/pivot/entry.php?id=15" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6588.json b/2007/6xxx/CVE-2007-6588.json index 190205ddd4c..4bda4d85189 100644 --- a/2007/6xxx/CVE-2007-6588.json +++ b/2007/6xxx/CVE-2007-6588.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6588", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in PHCDownload 1.10 allows remote attackers to inject arbitrary web script or HTML via the username field in an unspecified component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6588", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "26991", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26991" - }, - { - "name" : "40376", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40376" - }, - { - "name" : "phcdownload-username-xss(39240)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39240" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in PHCDownload 1.10 allows remote attackers to inject arbitrary web script or HTML via the username field in an unspecified component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "40376", + "refsource": "OSVDB", + "url": "http://osvdb.org/40376" + }, + { + "name": "26991", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26991" + }, + { + "name": "phcdownload-username-xss(39240)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39240" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5018.json b/2010/5xxx/CVE-2010-5018.json index b55620ee384..80bf7b6efc7 100644 --- a/2010/5xxx/CVE-2010-5018.json +++ b/2010/5xxx/CVE-2010-5018.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5018", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in products/classified/headersearch.php in 2daybiz Online Classified Script allows remote attackers to inject arbitrary web script or HTML via the sid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5018", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "13894", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/13894" - }, - { - "name" : "http://packetstormsecurity.org/1006-exploits/2daybizocs-sqlxss.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1006-exploits/2daybizocs-sqlxss.txt" - }, - { - "name" : "40890", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40890" - }, - { - "name" : "40213", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40213" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in products/classified/headersearch.php in 2daybiz Online Classified Script allows remote attackers to inject arbitrary web script or HTML via the sid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "40890", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40890" + }, + { + "name": "http://packetstormsecurity.org/1006-exploits/2daybizocs-sqlxss.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1006-exploits/2daybizocs-sqlxss.txt" + }, + { + "name": "13894", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/13894" + }, + { + "name": "40213", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40213" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5031.json b/2010/5xxx/CVE-2010-5031.json index 415b2251404..a7558540c46 100644 --- a/2010/5xxx/CVE-2010-5031.json +++ b/2010/5xxx/CVE-2010-5031.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5031", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in index.php in fileNice 1.1 allows remote attackers to inject arbitrary web script or HTML via the sstring parameter (aka the Search Box). NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5031", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/1006-exploits/filenicescript-xss.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1006-exploits/filenicescript-xss.txt" - }, - { - "name" : "40624", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40624" - }, - { - "name" : "40077", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40077" - }, - { - "name" : "8519", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/8519" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in index.php in fileNice 1.1 allows remote attackers to inject arbitrary web script or HTML via the sstring parameter (aka the Search Box). NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "40624", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40624" + }, + { + "name": "40077", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40077" + }, + { + "name": "http://packetstormsecurity.org/1006-exploits/filenicescript-xss.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1006-exploits/filenicescript-xss.txt" + }, + { + "name": "8519", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/8519" + } + ] + } +} \ No newline at end of file diff --git a/2014/100xxx/CVE-2014-100008.json b/2014/100xxx/CVE-2014-100008.json index b4b0b625dc9..2fceee6e238 100644 --- a/2014/100xxx/CVE-2014-100008.json +++ b/2014/100xxx/CVE-2014-100008.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-100008", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in includes/delete_img.php in the Joomlaskin JS Multi Hotel (aka JS MultiHotel and Js-Multi-Hotel) plugin 2.2.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-100008", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/125959", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/125959" - }, - { - "name" : "http://websecurity.com.ua/7087/", - "refsource" : "MISC", - "url" : "http://websecurity.com.ua/7087/" - }, - { - "name" : "jsmulti-wordpress-xss(92207)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/92207" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in includes/delete_img.php in the Joomlaskin JS Multi Hotel (aka JS MultiHotel and Js-Multi-Hotel) plugin 2.2.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/125959", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/125959" + }, + { + "name": "http://websecurity.com.ua/7087/", + "refsource": "MISC", + "url": "http://websecurity.com.ua/7087/" + }, + { + "name": "jsmulti-wordpress-xss(92207)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92207" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1245.json b/2014/1xxx/CVE-2014-1245.json index 49ff0cc4dd3..b58ddfd5f3f 100644 --- a/2014/1xxx/CVE-2014-1245.json +++ b/2014/1xxx/CVE-2014-1245.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1245", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted stsz atom in a movie file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2014-1245", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT6150", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT6150" - }, - { - "name" : "http://support.apple.com/kb/HT6151", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT6151" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted stsz atom in a movie file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT6150", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT6150" + }, + { + "name": "http://support.apple.com/kb/HT6151", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT6151" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1725.json b/2014/1xxx/CVE-2014-1725.json index 7ebd8dade68..ca0c5116b50 100644 --- a/2014/1xxx/CVE-2014-1725.json +++ b/2014/1xxx/CVE-2014-1725.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1725", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The base64DecodeInternal function in wtf/text/Base64.cpp in Blink, as used in Google Chrome before 34.0.1847.116, does not properly handle string data composed exclusively of whitespace characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via a window.atob method call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2014-1725", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=357332", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=357332" - }, - { - "name" : "https://src.chromium.org/viewvc/blink?revision=170264&view=revision", - "refsource" : "CONFIRM", - "url" : "https://src.chromium.org/viewvc/blink?revision=170264&view=revision" - }, - { - "name" : "DSA-2905", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2905" - }, - { - "name" : "GLSA-201408-16", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml" - }, - { - "name" : "openSUSE-SU-2014:0601", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00012.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The base64DecodeInternal function in wtf/text/Base64.cpp in Blink, as used in Google Chrome before 34.0.1847.116, does not properly handle string data composed exclusively of whitespace characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via a window.atob method call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2014/04/stable-channel-update.html" + }, + { + "name": "openSUSE-SU-2014:0601", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00012.html" + }, + { + "name": "GLSA-201408-16", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml" + }, + { + "name": "DSA-2905", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2905" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=357332", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=357332" + }, + { + "name": "https://src.chromium.org/viewvc/blink?revision=170264&view=revision", + "refsource": "CONFIRM", + "url": "https://src.chromium.org/viewvc/blink?revision=170264&view=revision" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5492.json b/2014/5xxx/CVE-2014-5492.json index 2d0008a5ff9..ed5709096bb 100644 --- a/2014/5xxx/CVE-2014-5492.json +++ b/2014/5xxx/CVE-2014-5492.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5492", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5492", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5535.json b/2014/5xxx/CVE-2014-5535.json index a3d51f2ae02..61d5e698061 100644 --- a/2014/5xxx/CVE-2014-5535.json +++ b/2014/5xxx/CVE-2014-5535.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5535", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Baby Get Up - Kids Care (aka air.brown.jordansa.getup) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5535", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#946729", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/946729" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Baby Get Up - Kids Care (aka air.brown.jordansa.getup) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#946729", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/946729" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5726.json b/2014/5xxx/CVE-2014-5726.json index 72bb056d22f..134d2c04e2e 100644 --- a/2014/5xxx/CVE-2014-5726.json +++ b/2014/5xxx/CVE-2014-5726.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5726", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Security Service myBranch App (aka com.tyfone.ssfcu.mbanking) application 7.88.00.145 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5726", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#263585", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/263585" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Security Service myBranch App (aka com.tyfone.ssfcu.mbanking) application 7.88.00.145 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + }, + { + "name": "VU#263585", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/263585" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5891.json b/2014/5xxx/CVE-2014-5891.json index a5565907715..d854e08de43 100644 --- a/2014/5xxx/CVE-2014-5891.json +++ b/2014/5xxx/CVE-2014-5891.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5891", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SnipSnap Coupon App (aka com.snipsnap.snipsnapapp) application 1.1.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5891", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#814553", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/814553" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SnipSnap Coupon App (aka com.snipsnap.snipsnapapp) application 1.1.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#814553", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/814553" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2217.json b/2015/2xxx/CVE-2015-2217.json index 4b36e056a76..0943807f21b 100644 --- a/2015/2xxx/CVE-2015-2217.json +++ b/2015/2xxx/CVE-2015-2217.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2217", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Ultimate PHP Board (aka myUPB) before 2.2.8 allow remote attackers to inject arbitrary web script or HTML via the (1) q parameter to search.php or (2) avatar parameter to profile.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2217", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150305 Ultimate PHP Board (UPB) 2.2.7 Cross Site Scripting Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/534796/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/130684/Ultimate-PHP-Board-UPB-2.2.7-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/130684/Ultimate-PHP-Board-UPB-2.2.7-Cross-Site-Scripting.html" - }, - { - "name" : "https://github.com/Halamix2/MyUPB/blob/8b00a8f6ea999d22c22b081f4a144f51ec7225b0/changelog.txt", - "refsource" : "CONFIRM", - "url" : "https://github.com/Halamix2/MyUPB/blob/8b00a8f6ea999d22c22b081f4a144f51ec7225b0/changelog.txt" - }, - { - "name" : "https://github.com/PHP-Outburst/myUPB/issues/17", - "refsource" : "CONFIRM", - "url" : "https://github.com/PHP-Outburst/myUPB/issues/17" - }, - { - "name" : "72991", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72991" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Ultimate PHP Board (aka myUPB) before 2.2.8 allow remote attackers to inject arbitrary web script or HTML via the (1) q parameter to search.php or (2) avatar parameter to profile.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "72991", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72991" + }, + { + "name": "http://packetstormsecurity.com/files/130684/Ultimate-PHP-Board-UPB-2.2.7-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/130684/Ultimate-PHP-Board-UPB-2.2.7-Cross-Site-Scripting.html" + }, + { + "name": "20150305 Ultimate PHP Board (UPB) 2.2.7 Cross Site Scripting Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/534796/100/0/threaded" + }, + { + "name": "https://github.com/Halamix2/MyUPB/blob/8b00a8f6ea999d22c22b081f4a144f51ec7225b0/changelog.txt", + "refsource": "CONFIRM", + "url": "https://github.com/Halamix2/MyUPB/blob/8b00a8f6ea999d22c22b081f4a144f51ec7225b0/changelog.txt" + }, + { + "name": "https://github.com/PHP-Outburst/myUPB/issues/17", + "refsource": "CONFIRM", + "url": "https://github.com/PHP-Outburst/myUPB/issues/17" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2579.json b/2015/2xxx/CVE-2015-2579.json index 3b27a647627..f2c84e61f67 100644 --- a/2015/2xxx/CVE-2015-2579.json +++ b/2015/2xxx/CVE-2015-2579.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2579", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Health Sciences Argus Safety component in Oracle Health Sciences Applications 8.0 allows local users to affect confidentiality via vectors related to BIP Installer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-2579", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" - }, - { - "name" : "74113", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74113" - }, - { - "name" : "1032130", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032130" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Health Sciences Argus Safety component in Oracle Health Sciences Applications 8.0 allows local users to affect confidentiality via vectors related to BIP Installer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032130", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032130" + }, + { + "name": "74113", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74113" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2876.json b/2015/2xxx/CVE-2015-2876.json index b949560a0d3..52b3fdc0e9d 100644 --- a/2015/2xxx/CVE-2015-2876.json +++ b/2015/2xxx/CVE-2015-2876.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2876", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to execute arbitrary code by uploading a file to /media/sda2 during a Wi-Fi session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-2876", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.kb.cert.org/vuls/id/GWAN-9ZGTUH", - "refsource" : "CONFIRM", - "url" : "https://www.kb.cert.org/vuls/id/GWAN-9ZGTUH" - }, - { - "name" : "https://www.kb.cert.org/vuls/id/GWAN-A26L3F", - "refsource" : "CONFIRM", - "url" : "https://www.kb.cert.org/vuls/id/GWAN-A26L3F" - }, - { - "name" : "VU#903500", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/903500" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile Storage, Seagate Wireless Plus Mobile Storage, and LaCie FUEL devices with firmware before 3.4.1.105 allows remote attackers to execute arbitrary code by uploading a file to /media/sda2 during a Wi-Fi session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#903500", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/903500" + }, + { + "name": "https://www.kb.cert.org/vuls/id/GWAN-9ZGTUH", + "refsource": "CONFIRM", + "url": "https://www.kb.cert.org/vuls/id/GWAN-9ZGTUH" + }, + { + "name": "https://www.kb.cert.org/vuls/id/GWAN-A26L3F", + "refsource": "CONFIRM", + "url": "https://www.kb.cert.org/vuls/id/GWAN-A26L3F" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6044.json b/2015/6xxx/CVE-2015-6044.json index 89c6edc9444..18fe9feb3a9 100644 --- a/2015/6xxx/CVE-2015-6044.json +++ b/2015/6xxx/CVE-2015-6044.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6044", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 8 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka \"Internet Explorer Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6044", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-106", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106" - }, - { - "name" : "1033800", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033800" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 8 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka \"Internet Explorer Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033800", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033800" + }, + { + "name": "MS15-106", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6073.json b/2015/6xxx/CVE-2015-6073.json index c6484af44ef..5c7d7a80644 100644 --- a/2015/6xxx/CVE-2015-6073.json +++ b/2015/6xxx/CVE-2015-6073.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6073", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6068, CVE-2015-6072, CVE-2015-6075, CVE-2015-6077, CVE-2015-6079, CVE-2015-6080, and CVE-2015-6082." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6073", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-112", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" - }, - { - "name" : "MS15-113", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-113" - }, - { - "name" : "1034112", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034112" - }, - { - "name" : "1034113", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034113" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6068, CVE-2015-6072, CVE-2015-6075, CVE-2015-6077, CVE-2015-6079, CVE-2015-6080, and CVE-2015-6082." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-113", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-113" + }, + { + "name": "1034112", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034112" + }, + { + "name": "1034113", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034113" + }, + { + "name": "MS15-112", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6331.json b/2015/6xxx/CVE-2015-6331.json index 5f8711d8350..60411855e8f 100644 --- a/2015/6xxx/CVE-2015-6331.json +++ b/2015/6xxx/CVE-2015-6331.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6331", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the web framework in Cisco Prime Collaboration Assurance 10.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCus39887." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6331", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151008 Cisco Prime Collaboration Assurance SQL Injection Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-pca2" - }, - { - "name" : "1033782", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033782" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the web framework in Cisco Prime Collaboration Assurance 10.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCus39887." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033782", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033782" + }, + { + "name": "20151008 Cisco Prime Collaboration Assurance SQL Injection Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-pca2" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6938.json b/2015/6xxx/CVE-2015-6938.json index 747f985d6a6..14270acbd58 100644 --- a/2015/6xxx/CVE-2015-6938.json +++ b/2015/6xxx/CVE-2015-6938.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6938", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site request forgery (CSRF) vulnerability, but this may be inaccurate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6938", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150902 CVE Request : CSRF in IPython/Jupyter notebook Tree.", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2015/q3/474" - }, - { - "name" : "[oss-security] 20150914 Re: CVE Request : CSRF in IPython/Jupyter notebook Tree.", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2015/q3/544" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1259405", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1259405" - }, - { - "name" : "https://github.com/ipython/ipython/commit/3ab41641cf6fce3860c73d5cf4645aa12e1e5892", - "refsource" : "CONFIRM", - "url" : "https://github.com/ipython/ipython/commit/3ab41641cf6fce3860c73d5cf4645aa12e1e5892" - }, - { - "name" : "https://github.com/jupyter/notebook/commit/35f32dd2da804d108a3a3585b69ec3295b2677ed", - "refsource" : "CONFIRM", - "url" : "https://github.com/jupyter/notebook/commit/35f32dd2da804d108a3a3585b69ec3295b2677ed" - }, - { - "name" : "https://github.com/jupyter/notebook/commit/dd9876381f0ef09873d8c5f6f2063269172331e3", - "refsource" : "CONFIRM", - "url" : "https://github.com/jupyter/notebook/commit/dd9876381f0ef09873d8c5f6f2063269172331e3" - }, - { - "name" : "FEDORA-2015-14901", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166471.html" - }, - { - "name" : "FEDORA-2015-14902", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166460.html" - }, - { - "name" : "FEDORA-2015-16128", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167670.html" - }, - { - "name" : "openSUSE-SU-2015:1699", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-10/msg00016.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site request forgery (CSRF) vulnerability, but this may be inaccurate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:1699", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00016.html" + }, + { + "name": "https://github.com/ipython/ipython/commit/3ab41641cf6fce3860c73d5cf4645aa12e1e5892", + "refsource": "CONFIRM", + "url": "https://github.com/ipython/ipython/commit/3ab41641cf6fce3860c73d5cf4645aa12e1e5892" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1259405", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1259405" + }, + { + "name": "[oss-security] 20150902 CVE Request : CSRF in IPython/Jupyter notebook Tree.", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2015/q3/474" + }, + { + "name": "[oss-security] 20150914 Re: CVE Request : CSRF in IPython/Jupyter notebook Tree.", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2015/q3/544" + }, + { + "name": "https://github.com/jupyter/notebook/commit/dd9876381f0ef09873d8c5f6f2063269172331e3", + "refsource": "CONFIRM", + "url": "https://github.com/jupyter/notebook/commit/dd9876381f0ef09873d8c5f6f2063269172331e3" + }, + { + "name": "FEDORA-2015-16128", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167670.html" + }, + { + "name": "https://github.com/jupyter/notebook/commit/35f32dd2da804d108a3a3585b69ec3295b2677ed", + "refsource": "CONFIRM", + "url": "https://github.com/jupyter/notebook/commit/35f32dd2da804d108a3a3585b69ec3295b2677ed" + }, + { + "name": "FEDORA-2015-14901", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166471.html" + }, + { + "name": "FEDORA-2015-14902", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166460.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0146.json b/2016/0xxx/CVE-2016-0146.json index d62758f4d25..6afa4206017 100644 --- a/2016/0xxx/CVE-2016-0146.json +++ b/2016/0xxx/CVE-2016-0146.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0146", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0146", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10072.json b/2016/10xxx/CVE-2016-10072.json index e285bda2cb9..dafa64d5f52 100644 --- a/2016/10xxx/CVE-2016-10072.json +++ b/2016/10xxx/CVE-2016-10072.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10072", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local attacker must insert an executable file called wampmanager.exe or unins000.exe and replace the original files. The next time one of these programs is launched by a more privileged user, malicious code chosen by the local attacker will run. NOTE: the vendor disputes the relevance of this report, taking the position that a configuration in which \"'someone' (an attacker) is able to replace files on a PC\" is not \"the fault of WampServer.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10072", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://forum.wampserver.com/read.php?2,144473", - "refsource" : "MISC", - "url" : "http://forum.wampserver.com/read.php?2,144473" - }, - { - "name" : "https://packetstormsecurity.com/files/138948/wampserver306-insecure.txt", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/138948/wampserver306-insecure.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local attacker must insert an executable file called wampmanager.exe or unins000.exe and replace the original files. The next time one of these programs is launched by a more privileged user, malicious code chosen by the local attacker will run. NOTE: the vendor disputes the relevance of this report, taking the position that a configuration in which \"'someone' (an attacker) is able to replace files on a PC\" is not \"the fault of WampServer.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://packetstormsecurity.com/files/138948/wampserver306-insecure.txt", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/138948/wampserver306-insecure.txt" + }, + { + "name": "http://forum.wampserver.com/read.php?2,144473", + "refsource": "MISC", + "url": "http://forum.wampserver.com/read.php?2,144473" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10364.json b/2016/10xxx/CVE-2016-10364.json index 7eb332d0ffb..c5263a71902 100644 --- a/2016/10xxx/CVE-2016-10364.json +++ b/2016/10xxx/CVE-2016-10364.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@elastic.co", - "ID" : "CVE-2016-10364", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Elastic X-Pack Security", - "version" : { - "version_data" : [ - { - "version_value" : "before 5.0.2" - } - ] - } - } - ] - }, - "vendor_name" : "Elastic" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those services regardless of their own permissions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-306: Missing Authentication for Critical Function" - } + "CVE_data_meta": { + "ASSIGNER": "security@elastic.co", + "ID": "CVE-2016-10364", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Elastic X-Pack Security", + "version": { + "version_data": [ + { + "version_value": "before 5.0.2" + } + ] + } + } + ] + }, + "vendor_name": "Elastic" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.elastic.co/community/security", - "refsource" : "CONFIRM", - "url" : "https://www.elastic.co/community/security" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those services regardless of their own permissions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-306: Missing Authentication for Critical Function" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.elastic.co/community/security", + "refsource": "CONFIRM", + "url": "https://www.elastic.co/community/security" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10389.json b/2016/10xxx/CVE-2016-10389.json index e8bbd332b3c..084fb3dc1b8 100644 --- a/2016/10xxx/CVE-2016-10389.json +++ b/2016/10xxx/CVE-2016-10389.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2017-07-01T00:00:00", - "ID" : "CVE-2016-10389", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a possibility of writing beyond the intended partition." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Input Validation in LK" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2017-07-01T00:00:00", + "ID": "CVE-2016-10389", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-07-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-07-01" - }, - { - "name" : "99465", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99465" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a possibility of writing beyond the intended partition." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Input Validation in LK" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-07-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-07-01" + }, + { + "name": "99465", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99465" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4019.json b/2016/4xxx/CVE-2016-4019.json index f4a30640be3..e38ce209db9 100644 --- a/2016/4xxx/CVE-2016-4019.json +++ b/2016/4xxx/CVE-2016-4019.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4019", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 104477." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4019", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0", - "refsource" : "CONFIRM", - "url" : "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0" - }, - { - "name" : "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories", - "refsource" : "CONFIRM", - "url" : "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories" - }, - { - "name" : "95922", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95922" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 104477." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95922", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95922" + }, + { + "name": "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0", + "refsource": "CONFIRM", + "url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0" + }, + { + "name": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories", + "refsource": "CONFIRM", + "url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4102.json b/2016/4xxx/CVE-2016-4102.json index 18fe1a7d2e7..c4acee55327 100644 --- a/2016/4xxx/CVE-2016-4102.json +++ b/2016/4xxx/CVE-2016-4102.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4102", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, and CVE-2016-4107." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4102", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" - }, - { - "name" : "90512", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90512" - }, - { - "name" : "1035828", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035828" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, and CVE-2016-4107." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "90512", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90512" + }, + { + "name": "1035828", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035828" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4142.json b/2016/4xxx/CVE-2016-4142.json index e70f66ccdb1..9d562285a8d 100644 --- a/2016/4xxx/CVE-2016-4142.json +++ b/2016/4xxx/CVE-2016-4142.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4142", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4142", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" - }, - { - "name" : "MS16-083", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" - }, - { - "name" : "RHSA-2016:1238", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1238" - }, - { - "name" : "SUSE-SU-2016:1613", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" - }, - { - "name" : "openSUSE-SU-2016:1621", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" - }, - { - "name" : "openSUSE-SU-2016:1625", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" - }, - { - "name" : "1036117", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036117" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036117", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036117" + }, + { + "name": "MS16-083", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" + }, + { + "name": "openSUSE-SU-2016:1625", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" + }, + { + "name": "RHSA-2016:1238", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1238" + }, + { + "name": "openSUSE-SU-2016:1621", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" + }, + { + "name": "SUSE-SU-2016:1613", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4286.json b/2016/4xxx/CVE-2016-4286.json index 1151b0b3428..95a3e98bc41 100644 --- a/2016/4xxx/CVE-2016-4286.json +++ b/2016/4xxx/CVE-2016-4286.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4286", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4286", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" - }, - { - "name" : "GLSA-201610-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-10" - }, - { - "name" : "RHSA-2016:2057", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2057.html" - }, - { - "name" : "93497", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93497" - }, - { - "name" : "1036985", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036985" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201610-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-10" + }, + { + "name": "93497", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93497" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-32.html" + }, + { + "name": "RHSA-2016:2057", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2057.html" + }, + { + "name": "1036985", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036985" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9172.json b/2016/9xxx/CVE-2016-9172.json index 80679187881..52db98f36e9 100644 --- a/2016/9xxx/CVE-2016-9172.json +++ b/2016/9xxx/CVE-2016-9172.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9172", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9172", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9644.json b/2016/9xxx/CVE-2016-9644.json index a67e88e5822..9d13ea81ed6 100644 --- a/2016/9xxx/CVE-2016-9644.json +++ b/2016/9xxx/CVE-2016-9644.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9644", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 through 4.4.28 contains extended asm statements that are incompatible with the exception table, which allows local users to obtain root access on non-SMEP platforms via a crafted application. NOTE: this vulnerability exists because of incorrect backporting of the CVE-2016-9178 patch to older kernels." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9644", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161107 Re: Re: kernel: fix minor infoleak in get_user_ex()", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/07/4" - }, - { - "name" : "https://lwn.net/Articles/705220/", - "refsource" : "CONFIRM", - "url" : "https://lwn.net/Articles/705220/" - }, - { - "name" : "USN-3146-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3146-1" - }, - { - "name" : "USN-3146-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3146-2" - }, - { - "name" : "94545", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94545" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 through 4.4.28 contains extended asm statements that are incompatible with the exception table, which allows local users to obtain root access on non-SMEP platforms via a crafted application. NOTE: this vulnerability exists because of incorrect backporting of the CVE-2016-9178 patch to older kernels." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3146-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3146-2" + }, + { + "name": "94545", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94545" + }, + { + "name": "USN-3146-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3146-1" + }, + { + "name": "[oss-security] 20161107 Re: Re: kernel: fix minor infoleak in get_user_ex()", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/07/4" + }, + { + "name": "https://lwn.net/Articles/705220/", + "refsource": "CONFIRM", + "url": "https://lwn.net/Articles/705220/" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9662.json b/2016/9xxx/CVE-2016-9662.json index 5d7a265aa09..079482a18c3 100644 --- a/2016/9xxx/CVE-2016-9662.json +++ b/2016/9xxx/CVE-2016-9662.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9662", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9662", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9706.json b/2016/9xxx/CVE-2016-9706.json index 2c7a0139a99..230b430221b 100644 --- a/2016/9xxx/CVE-2016-9706.json +++ b/2016/9xxx/CVE-2016-9706.json @@ -1,79 +1,79 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-9706", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Integration Bus", - "version" : { - "version_data" : [ - { - "version_value" : "9.0.0.0" - }, - { - "version_value" : "9.0" - }, - { - "version_value" : "10" - }, - { - "version_value" : "10.0" - }, - { - "version_value" : "9" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Integration Bus 9.0 and 10.0 and WebSphere Message Broker SOAP FLOWS is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 1997918." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-9706", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Integration Bus", + "version": { + "version_data": [ + { + "version_value": "9.0.0.0" + }, + { + "version_value": "9.0" + }, + { + "version_value": "10" + }, + { + "version_value": "10.0" + }, + { + "version_value": "9" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21997918", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21997918" - }, - { - "name" : "96274", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96274" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Integration Bus 9.0 and 10.0 and WebSphere Message Broker SOAP FLOWS is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 1997918." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "96274", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96274" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21997918", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21997918" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2378.json b/2019/2xxx/CVE-2019-2378.json index 48918c3a8fa..adaf5a34b7d 100644 --- a/2019/2xxx/CVE-2019-2378.json +++ b/2019/2xxx/CVE-2019-2378.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2378", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2378", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2645.json b/2019/2xxx/CVE-2019-2645.json index a5b2d4e5302..eac3819e23a 100644 --- a/2019/2xxx/CVE-2019-2645.json +++ b/2019/2xxx/CVE-2019-2645.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2645", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2645", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2819.json b/2019/2xxx/CVE-2019-2819.json index 0e9cc3d768f..cb3adf851e0 100644 --- a/2019/2xxx/CVE-2019-2819.json +++ b/2019/2xxx/CVE-2019-2819.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2819", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2819", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2962.json b/2019/2xxx/CVE-2019-2962.json index 9ad185ea078..ee710f26a21 100644 --- a/2019/2xxx/CVE-2019-2962.json +++ b/2019/2xxx/CVE-2019-2962.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2962", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2962", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3137.json b/2019/3xxx/CVE-2019-3137.json index c0098f16972..6d4db26b3c7 100644 --- a/2019/3xxx/CVE-2019-3137.json +++ b/2019/3xxx/CVE-2019-3137.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3137", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3137", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3353.json b/2019/3xxx/CVE-2019-3353.json index 95ee2ce87eb..ec3c4d57687 100644 --- a/2019/3xxx/CVE-2019-3353.json +++ b/2019/3xxx/CVE-2019-3353.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3353", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3353", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3668.json b/2019/3xxx/CVE-2019-3668.json index 2bff0523373..ac3beee6f36 100644 --- a/2019/3xxx/CVE-2019-3668.json +++ b/2019/3xxx/CVE-2019-3668.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3668", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3668", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3695.json b/2019/3xxx/CVE-2019-3695.json index c4f4f1450e3..15a6b8e8863 100644 --- a/2019/3xxx/CVE-2019-3695.json +++ b/2019/3xxx/CVE-2019-3695.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3695", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3695", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6095.json b/2019/6xxx/CVE-2019-6095.json index 88932f4a6df..0167a585a75 100644 --- a/2019/6xxx/CVE-2019-6095.json +++ b/2019/6xxx/CVE-2019-6095.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6095", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6095", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6197.json b/2019/6xxx/CVE-2019-6197.json index 39616687c42..3fadca2a726 100644 --- a/2019/6xxx/CVE-2019-6197.json +++ b/2019/6xxx/CVE-2019-6197.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6197", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6197", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6966.json b/2019/6xxx/CVE-2019-6966.json index 9e0e22ccb59..849f1f18c99 100644 --- a/2019/6xxx/CVE-2019-6966.json +++ b/2019/6xxx/CVE-2019-6966.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6966", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Bento4 1.5.1-628. The AP4_ElstAtom class in Core/Ap4ElstAtom.cpp has an attempted excessive memory allocation related to AP4_Array::EnsureCapacity in Core/Ap4Array.h, as demonstrated by mp42hls." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6966", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/axiomatic-systems/Bento4/issues/361", - "refsource" : "MISC", - "url" : "https://github.com/axiomatic-systems/Bento4/issues/361" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Bento4 1.5.1-628. The AP4_ElstAtom class in Core/Ap4ElstAtom.cpp has an attempted excessive memory allocation related to AP4_Array::EnsureCapacity in Core/Ap4Array.h, as demonstrated by mp42hls." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/axiomatic-systems/Bento4/issues/361", + "refsource": "MISC", + "url": "https://github.com/axiomatic-systems/Bento4/issues/361" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7403.json b/2019/7xxx/CVE-2019-7403.json index 7fccb43b247..b65ef8a9df8 100644 --- a/2019/7xxx/CVE-2019-7403.json +++ b/2019/7xxx/CVE-2019-7403.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7403", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in PHPMyWind 5.5. It allows remote attackers to delete arbitrary folders via an admin/database_backup.php?action=import&dopost=deldir&tbname=../ URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7403", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/panghusec/exploit/issues/9", - "refsource" : "MISC", - "url" : "https://github.com/panghusec/exploit/issues/9" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in PHPMyWind 5.5. It allows remote attackers to delete arbitrary folders via an admin/database_backup.php?action=import&dopost=deldir&tbname=../ URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/panghusec/exploit/issues/9", + "refsource": "MISC", + "url": "https://github.com/panghusec/exploit/issues/9" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7599.json b/2019/7xxx/CVE-2019-7599.json index e906ad9d61c..2266668e442 100644 --- a/2019/7xxx/CVE-2019-7599.json +++ b/2019/7xxx/CVE-2019-7599.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7599", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7599", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7660.json b/2019/7xxx/CVE-2019-7660.json index 717f5ad3eb6..aa2d968f5ae 100644 --- a/2019/7xxx/CVE-2019-7660.json +++ b/2019/7xxx/CVE-2019-7660.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7660", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in PHPMyWind 5.5. The username parameter of the /install/index.php page has a stored Cross-site Scripting (XSS) vulnerability, as demonstrated by admin/login.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7660", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/0xUhaw/CVE-Bins/tree/master/PHPMyWind/XSS-2", - "refsource" : "MISC", - "url" : "https://github.com/0xUhaw/CVE-Bins/tree/master/PHPMyWind/XSS-2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in PHPMyWind 5.5. The username parameter of the /install/index.php page has a stored Cross-site Scripting (XSS) vulnerability, as demonstrated by admin/login.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/0xUhaw/CVE-Bins/tree/master/PHPMyWind/XSS-2", + "refsource": "MISC", + "url": "https://github.com/0xUhaw/CVE-Bins/tree/master/PHPMyWind/XSS-2" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7998.json b/2019/7xxx/CVE-2019-7998.json index c2757d8e578..fc0661fc9c3 100644 --- a/2019/7xxx/CVE-2019-7998.json +++ b/2019/7xxx/CVE-2019-7998.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7998", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7998", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8448.json b/2019/8xxx/CVE-2019-8448.json index 5c3a5e95c58..854f88ad16b 100644 --- a/2019/8xxx/CVE-2019-8448.json +++ b/2019/8xxx/CVE-2019-8448.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8448", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8448", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8497.json b/2019/8xxx/CVE-2019-8497.json index d1b5119155e..7119e07e1ea 100644 --- a/2019/8xxx/CVE-2019-8497.json +++ b/2019/8xxx/CVE-2019-8497.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8497", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8497", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8575.json b/2019/8xxx/CVE-2019-8575.json index 61371e0b6d9..039feb7b61e 100644 --- a/2019/8xxx/CVE-2019-8575.json +++ b/2019/8xxx/CVE-2019-8575.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8575", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8575", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8683.json b/2019/8xxx/CVE-2019-8683.json index fd2f85dcea7..04c9634ecba 100644 --- a/2019/8xxx/CVE-2019-8683.json +++ b/2019/8xxx/CVE-2019-8683.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8683", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8683", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8694.json b/2019/8xxx/CVE-2019-8694.json index a1c16744a08..b02de3f4c5d 100644 --- a/2019/8xxx/CVE-2019-8694.json +++ b/2019/8xxx/CVE-2019-8694.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8694", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8694", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file