diff --git a/2007/0xxx/CVE-2007-0228.json b/2007/0xxx/CVE-2007-0228.json index 78ebc4d91ee..d2c1f92c0da 100644 --- a/2007/0xxx/CVE-2007-0228.json +++ b/2007/0xxx/CVE-2007-0228.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0228", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The DataCollector service in EIQ Networks Network Security Analyzer allows remote attackers to cause a denial of service (service crash) via a (1) &CONNECTSERVER& (2) &ADDENTRY& (3) &FIN& (4) &START& (5) &LOGPATH& (6) &FWADELTA& (7) &FWALOG& (8) &SETSYNCHRONOUS& (9) &SETPRGFILE&, or (10) &SETREPLYPORT& string to TCP port 10618, which triggers a NULL pointer dereference." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0228", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070110 EIQ Networks Network Security Analyzer DoS Vulnerability", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0209.html" - }, - { - "name" : "21994", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21994" - }, - { - "name" : "ADV-2007-0147", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0147" - }, - { - "name" : "32725", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32725" - }, - { - "name" : "23693", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23693" - }, - { - "name" : "eiq-datacollector-dos(31428)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31428" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The DataCollector service in EIQ Networks Network Security Analyzer allows remote attackers to cause a denial of service (service crash) via a (1) &CONNECTSERVER& (2) &ADDENTRY& (3) &FIN& (4) &START& (5) &LOGPATH& (6) &FWADELTA& (7) &FWALOG& (8) &SETSYNCHRONOUS& (9) &SETPRGFILE&, or (10) &SETREPLYPORT& string to TCP port 10618, which triggers a NULL pointer dereference." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21994", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21994" + }, + { + "name": "23693", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23693" + }, + { + "name": "20070110 EIQ Networks Network Security Analyzer DoS Vulnerability", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0209.html" + }, + { + "name": "ADV-2007-0147", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0147" + }, + { + "name": "eiq-datacollector-dos(31428)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31428" + }, + { + "name": "32725", + "refsource": "OSVDB", + "url": "http://osvdb.org/32725" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0523.json b/2007/0xxx/CVE-2007-0523.json index 6d373a4d8eb..3ed26005b18 100644 --- a/2007/0xxx/CVE-2007-0523.json +++ b/2007/0xxx/CVE-2007-0523.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0523", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Nokia N70 phone allows remote attackers to cause a denial of service (continual modal dialogs and UI unavailability) by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0523", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070123 Bluetooth DoS by obex push", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457768/100/0/threaded" - }, - { - "name" : "20070123 Re: Bluetooth DoS by obex push [readable]", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457797/100/0/threaded" - }, - { - "name" : "2180", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2180" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Nokia N70 phone allows remote attackers to cause a denial of service (continual modal dialogs and UI unavailability) by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2180", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2180" + }, + { + "name": "20070123 Re: Bluetooth DoS by obex push [readable]", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457797/100/0/threaded" + }, + { + "name": "20070123 Bluetooth DoS by obex push", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457768/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0660.json b/2007/0xxx/CVE-2007-0660.json index b4c8511deef..4cd8b580cff 100644 --- a/2007/0xxx/CVE-2007-0660.json +++ b/2007/0xxx/CVE-2007-0660.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0660", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the IFrame module before 03.02.01 for DotNetNuke (DNN) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to \"Pass through values.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0660", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.dotnetnuke.com/Default.aspx?tabid=825&EntryID=1278", - "refsource" : "CONFIRM", - "url" : "http://www.dotnetnuke.com/Default.aspx?tabid=825&EntryID=1278" - }, - { - "name" : "22334", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22334" - }, - { - "name" : "ADV-2007-0433", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0433" - }, - { - "name" : "36476", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36476" - }, - { - "name" : "dotnetnuke-iframe-unspecified-xss(32037)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32037" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the IFrame module before 03.02.01 for DotNetNuke (DNN) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to \"Pass through values.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "dotnetnuke-iframe-unspecified-xss(32037)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32037" + }, + { + "name": "http://www.dotnetnuke.com/Default.aspx?tabid=825&EntryID=1278", + "refsource": "CONFIRM", + "url": "http://www.dotnetnuke.com/Default.aspx?tabid=825&EntryID=1278" + }, + { + "name": "22334", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22334" + }, + { + "name": "36476", + "refsource": "OSVDB", + "url": "http://osvdb.org/36476" + }, + { + "name": "ADV-2007-0433", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0433" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0778.json b/2007/0xxx/CVE-2007-0778.json index f6f0668c2f3..7ab8033f88e 100644 --- a/2007/0xxx/CVE-2007-0778.json +++ b/2007/0xxx/CVE-2007-0778.json @@ -1,312 +1,312 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0778", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-0778", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070226 rPSA-2007-0040-1 firefox", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461336/100/0/threaded" - }, - { - "name" : "20070303 rPSA-2007-0040-3 firefox thunderbird", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461809/100/0/threaded" - }, - { - "name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-03.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-03.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=347852", - "refsource" : "MISC", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=347852" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1081", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1081" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1103", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1103" - }, - { - "name" : "DSA-1336", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1336" - }, - { - "name" : "FEDORA-2007-281", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2713" - }, - { - "name" : "FEDORA-2007-293", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2728" - }, - { - "name" : "GLSA-200703-04", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200703-04.xml" - }, - { - "name" : "GLSA-200703-08", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml" - }, - { - "name" : "HPSBUX02153", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "SSRT061181", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "MDKSA-2007:050", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050" - }, - { - "name" : "RHSA-2007:0079", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0079.html" - }, - { - "name" : "RHSA-2007:0077", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0077.html" - }, - { - "name" : "RHSA-2007:0078", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0078.html" - }, - { - "name" : "RHSA-2007:0097", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0097.html" - }, - { - "name" : "RHSA-2007:0108", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0108.html" - }, - { - "name" : "20070301-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc" - }, - { - "name" : "20070202-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc" - }, - { - "name" : "SSA:2007-066-03", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851" - }, - { - "name" : "SSA:2007-066-05", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131" - }, - { - "name" : "SUSE-SA:2007:019", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html" - }, - { - "name" : "SUSE-SA:2007:022", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html" - }, - { - "name" : "USN-428-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-428-1" - }, - { - "name" : "22694", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22694" - }, - { - "name" : "oval:org.mitre.oval:def:9151", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9151" - }, - { - "name" : "ADV-2007-0718", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0718" - }, - { - "name" : "ADV-2008-0083", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0083" - }, - { - "name" : "32110", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/32110" - }, - { - "name" : "1017699", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017699" - }, - { - "name" : "24238", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24238" - }, - { - "name" : "24287", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24287" - }, - { - "name" : "24290", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24290" - }, - { - "name" : "24205", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24205" - }, - { - "name" : "24328", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24328" - }, - { - "name" : "24333", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24333" - }, - { - "name" : "24343", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24343" - }, - { - "name" : "24320", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24320" - }, - { - "name" : "24293", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24293" - }, - { - "name" : "24393", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24393" - }, - { - "name" : "24395", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24395" - }, - { - "name" : "24384", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24384" - }, - { - "name" : "24437", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24437" - }, - { - "name" : "24650", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24650" - }, - { - "name" : "24455", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24455" - }, - { - "name" : "24457", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24457" - }, - { - "name" : "24342", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24342" - }, - { - "name" : "25588", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25588" - }, - { - "name" : "mozilla-diskcache-information-disclosure(32671)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2007:0078", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html" + }, + { + "name": "24395", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24395" + }, + { + "name": "20070226 rPSA-2007-0040-1 firefox", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded" + }, + { + "name": "24328", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24328" + }, + { + "name": "RHSA-2007:0108", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html" + }, + { + "name": "GLSA-200703-04", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200703-04.xml" + }, + { + "name": "mozilla-diskcache-information-disclosure(32671)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32671" + }, + { + "name": "GLSA-200703-08", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml" + }, + { + "name": "SSA:2007-066-03", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851" + }, + { + "name": "24384", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24384" + }, + { + "name": "24457", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24457" + }, + { + "name": "24343", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24343" + }, + { + "name": "DSA-1336", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1336" + }, + { + "name": "HPSBUX02153", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "1017699", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017699" + }, + { + "name": "ADV-2007-0718", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0718" + }, + { + "name": "24650", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24650" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=347852", + "refsource": "MISC", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=347852" + }, + { + "name": "USN-428-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-428-1" + }, + { + "name": "32110", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/32110" + }, + { + "name": "24320", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24320" + }, + { + "name": "25588", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25588" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1103", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1103" + }, + { + "name": "SUSE-SA:2007:019", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html" + }, + { + "name": "ADV-2008-0083", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0083" + }, + { + "name": "20070303 rPSA-2007-0040-3 firefox thunderbird", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded" + }, + { + "name": "SUSE-SA:2007:022", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html" + }, + { + "name": "24293", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24293" + }, + { + "name": "24238", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24238" + }, + { + "name": "24393", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24393" + }, + { + "name": "24342", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24342" + }, + { + "name": "24287", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24287" + }, + { + "name": "oval:org.mitre.oval:def:9151", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9151" + }, + { + "name": "22694", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22694" + }, + { + "name": "SSRT061181", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "FEDORA-2007-281", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2713" + }, + { + "name": "RHSA-2007:0097", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html" + }, + { + "name": "FEDORA-2007-293", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2728" + }, + { + "name": "20070301-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc" + }, + { + "name": "24205", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24205" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1081", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1081" + }, + { + "name": "24333", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24333" + }, + { + "name": "MDKSA-2007:050", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050" + }, + { + "name": "24290", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24290" + }, + { + "name": "24455", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24455" + }, + { + "name": "RHSA-2007:0077", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html" + }, + { + "name": "20070202-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc" + }, + { + "name": "SSA:2007-066-05", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131" + }, + { + "name": "RHSA-2007:0079", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-03.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-03.html" + }, + { + "name": "24437", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24437" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0828.json b/2007/0xxx/CVE-2007-0828.json index b9123efa003..70b8c312a04 100644 --- a/2007/0xxx/CVE-2007-0828.json +++ b/2007/0xxx/CVE-2007-0828.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0828", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in affichearticles.php3 in MySQLNewsEngine allows remote attackers to execute arbitrary PHP code via a URL in the newsenginedir parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0828", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070206 MySQLNewsEngine (affichearticles.php3) Remote File Inc. Vuln.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459290/100/0/threaded" - }, - { - "name" : "22431", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22431" - }, - { - "name" : "ADV-2007-0513", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0513" - }, - { - "name" : "33678", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33678" - }, - { - "name" : "2229", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2229" - }, - { - "name" : "mysqlnewsengine-affichearticle-file-include(32266)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32266" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in affichearticles.php3 in MySQLNewsEngine allows remote attackers to execute arbitrary PHP code via a URL in the newsenginedir parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "mysqlnewsengine-affichearticle-file-include(32266)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32266" + }, + { + "name": "20070206 MySQLNewsEngine (affichearticles.php3) Remote File Inc. Vuln.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459290/100/0/threaded" + }, + { + "name": "2229", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2229" + }, + { + "name": "ADV-2007-0513", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0513" + }, + { + "name": "22431", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22431" + }, + { + "name": "33678", + "refsource": "OSVDB", + "url": "http://osvdb.org/33678" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0931.json b/2007/0xxx/CVE-2007-0931.json index c84b984ba3e..c5c7e317068 100644 --- a/2007/0xxx/CVE-2007-0931.json +++ b/2007/0xxx/CVE-2007-0931.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0931", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via long credential strings." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0931", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070213 Aruba Mobility Controller Management Buffer Overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459928/100/0/threaded" - }, - { - "name" : "20070213 Aruba Mobility Controller Management Buffer Overflow", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052380.html" - }, - { - "name" : "VU#319913", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/319913" - }, - { - "name" : "22538", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22538" - }, - { - "name" : "33184", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33184" - }, - { - "name" : "24144", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24144" - }, - { - "name" : "2244", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2244" - }, - { - "name" : "aruba-management-interface-bo(32459)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32459" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via long credential strings." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070213 Aruba Mobility Controller Management Buffer Overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459928/100/0/threaded" + }, + { + "name": "VU#319913", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/319913" + }, + { + "name": "24144", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24144" + }, + { + "name": "aruba-management-interface-bo(32459)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32459" + }, + { + "name": "22538", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22538" + }, + { + "name": "33184", + "refsource": "OSVDB", + "url": "http://osvdb.org/33184" + }, + { + "name": "2244", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2244" + }, + { + "name": "20070213 Aruba Mobility Controller Management Buffer Overflow", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052380.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1455.json b/2007/1xxx/CVE-2007-1455.json index 851717935be..4a9bda1cd4c 100644 --- a/2007/1xxx/CVE-2007-1455.json +++ b/2007/1xxx/CVE-2007-1455.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1455", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1455", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070311 Fantastico In all Version Cpanel 10.x <= local File Include", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462562/100/0/threaded" - }, - { - "name" : "35036", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35036" - }, - { - "name" : "35037", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35037" - }, - { - "name" : "2420", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2420" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070311 Fantastico In all Version Cpanel 10.x <= local File Include", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462562/100/0/threaded" + }, + { + "name": "35036", + "refsource": "OSVDB", + "url": "http://osvdb.org/35036" + }, + { + "name": "2420", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2420" + }, + { + "name": "35037", + "refsource": "OSVDB", + "url": "http://osvdb.org/35037" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3259.json b/2007/3xxx/CVE-2007-3259.json index 3708e2ad89e..9e9da753bed 100644 --- a/2007/3xxx/CVE-2007-3259.json +++ b/2007/3xxx/CVE-2007-3259.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3259", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Calendarix 0.7.20070307 allows remote attackers to obtain sensitive information via (1) an invalid month[] parameter to calendar.php, (2) an invalid catview[] parameter to cal_week.php in a week operation, (3) an invalid ycyear[] parameter to yearcal.php, or (4) a direct request to cal_functions.inc.php, which reveals the installation path in various error messages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3259", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070625 Calendarix version 0.7. 20070307 Multiple Path Disclosure Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/472204/100/0/threaded" - }, - { - "name" : "http://www.netvigilance.com/advisory0036", - "refsource" : "MISC", - "url" : "http://www.netvigilance.com/advisory0036" - }, - { - "name" : "35371", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/35371" - }, - { - "name" : "35697", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35697" - }, - { - "name" : "35698", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35698" - }, - { - "name" : "35699", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35699" - }, - { - "name" : "2841", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2841" - }, - { - "name" : "calendarix-multiple-path-disclosure(35041)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35041" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Calendarix 0.7.20070307 allows remote attackers to obtain sensitive information via (1) an invalid month[] parameter to calendar.php, (2) an invalid catview[] parameter to cal_week.php in a week operation, (3) an invalid ycyear[] parameter to yearcal.php, or (4) a direct request to cal_functions.inc.php, which reveals the installation path in various error messages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35698", + "refsource": "OSVDB", + "url": "http://osvdb.org/35698" + }, + { + "name": "calendarix-multiple-path-disclosure(35041)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35041" + }, + { + "name": "2841", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2841" + }, + { + "name": "20070625 Calendarix version 0.7. 20070307 Multiple Path Disclosure Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/472204/100/0/threaded" + }, + { + "name": "35697", + "refsource": "OSVDB", + "url": "http://osvdb.org/35697" + }, + { + "name": "35699", + "refsource": "OSVDB", + "url": "http://osvdb.org/35699" + }, + { + "name": "35371", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/35371" + }, + { + "name": "http://www.netvigilance.com/advisory0036", + "refsource": "MISC", + "url": "http://www.netvigilance.com/advisory0036" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3620.json b/2007/3xxx/CVE-2007-3620.json index 889d659c1bc..d819b420386 100644 --- a/2007/3xxx/CVE-2007-3620.json +++ b/2007/3xxx/CVE-2007-3620.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3620", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in Maia Mailguard 1.0.2 and earlier might allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) prevlang and (2) super parameters to (a) php/login.php; the (3) charset parameter to (a) php/login.php, (b) php/internal-init.php, and (c) php/xlogin.php; the (4) lang parameter to (b) php/internal-init.php; and the (5) language parameter to (c) php/xlogin.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3620", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.maiamailguard.org/maia/changeset/1184", - "refsource" : "CONFIRM", - "url" : "http://www.maiamailguard.org/maia/changeset/1184" - }, - { - "name" : "http://www.maiamailguard.org/maia/ticket/479", - "refsource" : "CONFIRM", - "url" : "http://www.maiamailguard.org/maia/ticket/479" - }, - { - "name" : "37885", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37885" - }, - { - "name" : "37886", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37886" - }, - { - "name" : "37887", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37887" - }, - { - "name" : "ADV-2007-2456", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2456" - }, - { - "name" : "25951", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25951" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in Maia Mailguard 1.0.2 and earlier might allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) prevlang and (2) super parameters to (a) php/login.php; the (3) charset parameter to (a) php/login.php, (b) php/internal-init.php, and (c) php/xlogin.php; the (4) lang parameter to (b) php/internal-init.php; and the (5) language parameter to (c) php/xlogin.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.maiamailguard.org/maia/changeset/1184", + "refsource": "CONFIRM", + "url": "http://www.maiamailguard.org/maia/changeset/1184" + }, + { + "name": "37885", + "refsource": "OSVDB", + "url": "http://osvdb.org/37885" + }, + { + "name": "37887", + "refsource": "OSVDB", + "url": "http://osvdb.org/37887" + }, + { + "name": "37886", + "refsource": "OSVDB", + "url": "http://osvdb.org/37886" + }, + { + "name": "ADV-2007-2456", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2456" + }, + { + "name": "http://www.maiamailguard.org/maia/ticket/479", + "refsource": "CONFIRM", + "url": "http://www.maiamailguard.org/maia/ticket/479" + }, + { + "name": "25951", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25951" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4035.json b/2007/4xxx/CVE-2007-4035.json index 82158f8d431..5552552c523 100644 --- a/2007/4xxx/CVE-2007-4035.json +++ b/2007/4xxx/CVE-2007-4035.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4035", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4035", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070726 Guidance Software response to iSEC report on EnCase", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474727/100/0/threaded" - }, - { - "name" : "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474750/100/0/threaded" - }, - { - "name" : "20070726 Re: Guidance Software response to iSEC report on EnCase", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474809/100/0/threaded" - }, - { - "name" : "20070802 RE: Re: Guidance Software response to iSEC report on EnCase", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475335/100/0/threaded" - }, - { - "name" : "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer", - "refsource" : "MISC", - "url" : "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer" - }, - { - "name" : "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf", - "refsource" : "MISC", - "url" : "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf" - }, - { - "name" : "25100", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25100" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070726 Re: Guidance Software response to iSEC report on EnCase", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded" + }, + { + "name": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer", + "refsource": "MISC", + "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer" + }, + { + "name": "20070726 Guidance Software response to iSEC report on EnCase", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded" + }, + { + "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded" + }, + { + "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded" + }, + { + "name": "25100", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25100" + }, + { + "name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf", + "refsource": "MISC", + "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4266.json b/2007/4xxx/CVE-2007-4266.json index 710174a3a58..ae7601dd891 100644 --- a/2007/4xxx/CVE-2007-4266.json +++ b/2007/4xxx/CVE-2007-4266.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4266", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4266", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4586.json b/2007/4xxx/CVE-2007-4586.json index 631c049acb7..cd4537a21f9 100644 --- a/2007/4xxx/CVE-2007-4586.json +++ b/2007/4xxx/CVE-2007-4586.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4586", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in php_iisfunc.dll in the iisfunc extension for PHP 5.2.0 and earlier allow context-dependent attackers to execute arbitrary code, probably during Unicode conversion, as demonstrated by a long string in the first argument to the iis_getservicestate function, related to the ServiceId argument to the (1) fnStartService, (2) fnGetServiceState, (3) fnStopService, and possibly other functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4586", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4318", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4318" - }, - { - "name" : "25452", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25452" - }, - { - "name" : "php-phpiisfunc-bo(36262)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36262" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in php_iisfunc.dll in the iisfunc extension for PHP 5.2.0 and earlier allow context-dependent attackers to execute arbitrary code, probably during Unicode conversion, as demonstrated by a long string in the first argument to the iis_getservicestate function, related to the ServiceId argument to the (1) fnStartService, (2) fnGetServiceState, (3) fnStopService, and possibly other functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25452", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25452" + }, + { + "name": "4318", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4318" + }, + { + "name": "php-phpiisfunc-bo(36262)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36262" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4819.json b/2007/4xxx/CVE-2007-4819.json index d5592b69e38..2972e4837a6 100644 --- a/2007/4xxx/CVE-2007-4819.json +++ b/2007/4xxx/CVE-2007-4819.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4819", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Txx CMS 0.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4819", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070908 TxxCMS_Multiple File inclusion Vulnerabilies", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/478870/100/0/threaded" - }, - { - "name" : "4381", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4381" - }, - { - "name" : "38389", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38389" - }, - { - "name" : "3116", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3116" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Txx CMS 0.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070908 TxxCMS_Multiple File inclusion Vulnerabilies", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/478870/100/0/threaded" + }, + { + "name": "4381", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4381" + }, + { + "name": "3116", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3116" + }, + { + "name": "38389", + "refsource": "OSVDB", + "url": "http://osvdb.org/38389" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4879.json b/2007/4xxx/CVE-2007-4879.json index f3929f6d93b..7b680252889 100644 --- a/2007/4xxx/CVE-2007-4879.json +++ b/2007/4xxx/CVE-2007-4879.json @@ -1,197 +1,197 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4879", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-4879", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080327 rPSA-2008-0128-1 firefox", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/490196/100/0/threaded" - }, - { - "name" : "http://0x90.eu/ff_tls_poc.html", - "refsource" : "MISC", - "url" : "http://0x90.eu/ff_tls_poc.html" - }, - { - "name" : "http://www.mozilla.org/security/announce/2008/mfsa2008-17.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2008/mfsa2008-17.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=395399", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=395399" - }, - { - "name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128" - }, - { - "name" : "DSA-1532", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1532" - }, - { - "name" : "DSA-1534", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1534" - }, - { - "name" : "DSA-1535", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1535" - }, - { - "name" : "GLSA-200805-18", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml" - }, - { - "name" : "MDVSA-2008:080", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:080" - }, - { - "name" : "238492", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1" - }, - { - "name" : "SUSE-SA:2008:019", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html" - }, - { - "name" : "USN-592-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-592-1" - }, - { - "name" : "TA08-087A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-087A.html" - }, - { - "name" : "28448", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28448" - }, - { - "name" : "ADV-2008-0998", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0998/references" - }, - { - "name" : "ADV-2008-1793", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1793/references" - }, - { - "name" : "1019704", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019704" - }, - { - "name" : "29560", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29560" - }, - { - "name" : "29539", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29539" - }, - { - "name" : "29558", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29558" - }, - { - "name" : "29616", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29616" - }, - { - "name" : "29526", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29526" - }, - { - "name" : "29541", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29541" - }, - { - "name" : "29547", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29547" - }, - { - "name" : "29645", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29645" - }, - { - "name" : "30327", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30327" - }, - { - "name" : "30620", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30620" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20080327 rPSA-2008-0128-1 firefox", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/490196/100/0/threaded" + }, + { + "name": "29541", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29541" + }, + { + "name": "29539", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29539" + }, + { + "name": "1019704", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019704" + }, + { + "name": "30620", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30620" + }, + { + "name": "29560", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29560" + }, + { + "name": "DSA-1532", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1532" + }, + { + "name": "30327", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30327" + }, + { + "name": "238492", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1" + }, + { + "name": "USN-592-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-592-1" + }, + { + "name": "29616", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29616" + }, + { + "name": "29645", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29645" + }, + { + "name": "http://0x90.eu/ff_tls_poc.html", + "refsource": "MISC", + "url": "http://0x90.eu/ff_tls_poc.html" + }, + { + "name": "ADV-2008-1793", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1793/references" + }, + { + "name": "29558", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29558" + }, + { + "name": "29526", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29526" + }, + { + "name": "SUSE-SA:2008:019", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html" + }, + { + "name": "TA08-087A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-087A.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2008/mfsa2008-17.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-17.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=395399", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=395399" + }, + { + "name": "28448", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28448" + }, + { + "name": "DSA-1534", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1534" + }, + { + "name": "29547", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29547" + }, + { + "name": "GLSA-200805-18", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml" + }, + { + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128" + }, + { + "name": "ADV-2008-0998", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0998/references" + }, + { + "name": "DSA-1535", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1535" + }, + { + "name": "MDVSA-2008:080", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:080" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6690.json b/2007/6xxx/CVE-2007-6690.json index 657dfa72a08..4302056be29 100644 --- a/2007/6xxx/CVE-2007-6690.json +++ b/2007/6xxx/CVE-2007-6690.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6690", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Gallery Remote module in Menalto Gallery before 2.2.4 does not check permissions for unspecified GR commands, which has unknown impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6690", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://gallery.menalto.com/gallery_2.2.4_released", - "refsource" : "CONFIRM", - "url" : "http://gallery.menalto.com/gallery_2.2.4_released" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=203217", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=203217" - }, - { - "name" : "GLSA-200802-04", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200802-04.xml" - }, - { - "name" : "41668", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41668" - }, - { - "name" : "28898", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28898" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Gallery Remote module in Menalto Gallery before 2.2.4 does not check permissions for unspecified GR commands, which has unknown impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://gallery.menalto.com/gallery_2.2.4_released", + "refsource": "CONFIRM", + "url": "http://gallery.menalto.com/gallery_2.2.4_released" + }, + { + "name": "GLSA-200802-04", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200802-04.xml" + }, + { + "name": "41668", + "refsource": "OSVDB", + "url": "http://osvdb.org/41668" + }, + { + "name": "28898", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28898" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=203217", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=203217" + } + ] + } +} \ No newline at end of file diff --git a/2014/100xxx/CVE-2014-100018.json b/2014/100xxx/CVE-2014-100018.json index 0d1d112d33d..1fa93bc8636 100644 --- a/2014/100xxx/CVE-2014-100018.json +++ b/2014/100xxx/CVE-2014-100018.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-100018", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Unconfirmed plugin before 1.2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in the unconfirmed page to wp-admin/network/users.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-100018", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://security.dxw.com/advisories/xss-in-unconfirmed-1-2-3/", - "refsource" : "MISC", - "url" : "https://security.dxw.com/advisories/xss-in-unconfirmed-1-2-3/" - }, - { - "name" : "https://wordpress.org/plugins/unconfirmed/changelog/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/plugins/unconfirmed/changelog/" - }, - { - "name" : "66781", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/66781" - }, - { - "name" : "57838", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/57838" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Unconfirmed plugin before 1.2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in the unconfirmed page to wp-admin/network/users.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.dxw.com/advisories/xss-in-unconfirmed-1-2-3/", + "refsource": "MISC", + "url": "https://security.dxw.com/advisories/xss-in-unconfirmed-1-2-3/" + }, + { + "name": "66781", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/66781" + }, + { + "name": "57838", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/57838" + }, + { + "name": "https://wordpress.org/plugins/unconfirmed/changelog/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/plugins/unconfirmed/changelog/" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5080.json b/2014/5xxx/CVE-2014-5080.json index 797099554b8..e24422916b5 100644 --- a/2014/5xxx/CVE-2014-5080.json +++ b/2014/5xxx/CVE-2014-5080.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5080", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5080", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5282.json b/2014/5xxx/CVE-2014-5282.json index bff39f7e5cf..858114134a1 100644 --- a/2014/5xxx/CVE-2014-5282.json +++ b/2014/5xxx/CVE-2014-5282.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5282", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5282", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1168436", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1168436" - }, - { - "name" : "https://groups.google.com/forum/#!msg/docker-announce/aQoVmQlcE0A/smPuBNYf8VwJ", - "refsource" : "CONFIRM", - "url" : "https://groups.google.com/forum/#!msg/docker-announce/aQoVmQlcE0A/smPuBNYf8VwJ" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://groups.google.com/forum/#!msg/docker-announce/aQoVmQlcE0A/smPuBNYf8VwJ", + "refsource": "CONFIRM", + "url": "https://groups.google.com/forum/#!msg/docker-announce/aQoVmQlcE0A/smPuBNYf8VwJ" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1168436", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168436" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5695.json b/2014/5xxx/CVE-2014-5695.json index f830a6ef350..b6e4d812868 100644 --- a/2014/5xxx/CVE-2014-5695.json +++ b/2014/5xxx/CVE-2014-5695.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5695", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Hello Kitty Cafe (aka com.sd.google.helloKittyCafe) application 1.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5695", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#580825", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/580825" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Hello Kitty Cafe (aka com.sd.google.helloKittyCafe) application 1.4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#580825", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/580825" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5790.json b/2014/5xxx/CVE-2014-5790.json index 85124b3e207..6461310399a 100644 --- a/2014/5xxx/CVE-2014-5790.json +++ b/2014/5xxx/CVE-2014-5790.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5790", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Pets Fun House (aka mominis.Generic_Android.Pets_Fun_House) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5790", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#785953", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/785953" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Pets Fun House (aka mominis.Generic_Android.Pets_Fun_House) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#785953", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/785953" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2095.json b/2015/2xxx/CVE-2015-2095.json index ad2d155736e..8864700e58d 100644 --- a/2015/2xxx/CVE-2015-2095.json +++ b/2015/2xxx/CVE-2015-2095.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2095", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the SetConnectInfo function in the WESPPTZ.WESPPTZCtrl.1 ActiveX control in WebGate eDVR Manager allows remote attackers to execute arbitrary code via crafted arguments." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2095", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-070/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-070/" - }, - { - "name" : "73222", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73222" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the SetConnectInfo function in the WESPPTZ.WESPPTZCtrl.1 ActiveX control in WebGate eDVR Manager allows remote attackers to execute arbitrary code via crafted arguments." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-070/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-070/" + }, + { + "name": "73222", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73222" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2344.json b/2015/2xxx/CVE-2015-2344.json index 2608b3bb9a0..6917431ea17 100644 --- a/2015/2xxx/CVE-2015-2344.json +++ b/2015/2xxx/CVE-2015-2344.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2344", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in VMware vRealize Automation 6.x before 6.2.4 on Linux allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2344", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2016-0003.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2016-0003.html" - }, - { - "name" : "1035270", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035270" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in VMware vRealize Automation 6.x before 6.2.4 on Linux allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.vmware.com/security/advisories/VMSA-2016-0003.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2016-0003.html" + }, + { + "name": "1035270", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035270" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2395.json b/2015/2xxx/CVE-2015-2395.json index 6de5d28fcfc..d98fe1b6ddc 100644 --- a/2015/2xxx/CVE-2015-2395.json +++ b/2015/2xxx/CVE-2015-2395.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2395", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-2395", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2428.json b/2015/2xxx/CVE-2015-2428.json index 1a610c8548b..69f97bfe1c9 100644 --- a/2015/2xxx/CVE-2015-2428.json +++ b/2015/2xxx/CVE-2015-2428.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2428", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Object Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels during interaction with object symbolic links that originated in a sandboxed process, which allows local users to gain privileges via a crafted application, aka \"Windows Object Manager Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2428", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-090", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-090" - }, - { - "name" : "1033251", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Object Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels during interaction with object symbolic links that originated in a sandboxed process, which allows local users to gain privileges via a crafted application, aka \"Windows Object Manager Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-090", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-090" + }, + { + "name": "1033251", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033251" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6008.json b/2015/6xxx/CVE-2015-6008.json index 589e94bd034..0844575d8ad 100644 --- a/2015/6xxx/CVE-2015-6008.json +++ b/2015/6xxx/CVE-2015-6008.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6008", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "install.php in Web Reference Database (aka refbase) through 0.9.6 allows remote attackers to execute arbitrary commands via the adminPassword parameter, a different issue than CVE-2015-7381." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-6008", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38292", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38292/" - }, - { - "name" : "VU#374092", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/374092" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "install.php in Web Reference Database (aka refbase) through 0.9.6 allows remote attackers to execute arbitrary commands via the adminPassword parameter, a different issue than CVE-2015-7381." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38292", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38292/" + }, + { + "name": "VU#374092", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/374092" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6203.json b/2015/6xxx/CVE-2015-6203.json index 768ff25ce1d..dbeb69eb8cc 100644 --- a/2015/6xxx/CVE-2015-6203.json +++ b/2015/6xxx/CVE-2015-6203.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6203", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6203", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6338.json b/2015/6xxx/CVE-2015-6338.json index ea3baf58b44..b74e1aff7fd 100644 --- a/2015/6xxx/CVE-2015-6338.json +++ b/2015/6xxx/CVE-2015-6338.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6338", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6338", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6644.json b/2015/6xxx/CVE-2015-6644.json index a884d990aa6..7bbbb3aa00a 100644 --- a/2015/6xxx/CVE-2015-6644.json +++ b/2015/6xxx/CVE-2015-6644.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6644", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 24106146." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-6644", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-01-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-01-01.html" - }, - { - "name" : "DSA-3829", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3829" - }, - { - "name" : "RHSA-2017:2808", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:2808" - }, - { - "name" : "RHSA-2017:2809", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:2809" - }, - { - "name" : "RHSA-2017:2810", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:2810" - }, - { - "name" : "RHSA-2017:2811", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:2811" - }, - { - "name" : "RHSA-2017:1832", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1832" - }, - { - "name" : "RHSA-2018:2927", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2927" - }, - { - "name" : "USN-3727-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3727-1/" - }, - { - "name" : "79865", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79865" - }, - { - "name" : "1034592", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034592" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 24106146." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2017:2809", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:2809" + }, + { + "name": "RHSA-2017:1832", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1832" + }, + { + "name": "RHSA-2017:2810", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:2810" + }, + { + "name": "1034592", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034592" + }, + { + "name": "RHSA-2017:2808", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:2808" + }, + { + "name": "USN-3727-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3727-1/" + }, + { + "name": "http://source.android.com/security/bulletin/2016-01-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-01-01.html" + }, + { + "name": "RHSA-2018:2927", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2927" + }, + { + "name": "DSA-3829", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3829" + }, + { + "name": "RHSA-2017:2811", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:2811" + }, + { + "name": "79865", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79865" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7273.json b/2015/7xxx/CVE-2015-7273.json index 98ddc998ab5..b736cceedaf 100644 --- a/2015/7xxx/CVE-2015-7273.json +++ b/2015/7xxx/CVE-2015-7273.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2015-7273", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Dell Integrated Remote Access Controller (iDRAC)", - "version" : { - "version_data" : [ - { - "version_value" : "Dell Integrated Remote Access Controller (iDRAC)" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has XXE." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "XXE" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-7273", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Dell Integrated Remote Access Controller (iDRAC)", + "version": { + "version_data": [ + { + "version_value": "Dell Integrated Remote Access Controller (iDRAC)" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20441859", - "refsource" : "MISC", - "url" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20441859" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has XXE." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "XXE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://en.community.dell.com/techcenter/extras/m/white_papers/20441859", + "refsource": "MISC", + "url": "http://en.community.dell.com/techcenter/extras/m/white_papers/20441859" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7363.json b/2015/7xxx/CVE-2015-7363.json index 3e646d11bee..d3c46f3967f 100644 --- a/2015/7xxx/CVE-2015-7363.json +++ b/2015/7xxx/CVE-2015-7363.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7363", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the advanced settings page in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.3, in hardware models with a hard disk, and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before 5.2.3 allows remote administrators to inject arbitrary web script or HTML via vectors related to report filters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7363", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://fortiguard.com/advisory/fortianalyzer-and-fortimanager-stored-xss-vulnerability-in-report-filters", - "refsource" : "CONFIRM", - "url" : "http://fortiguard.com/advisory/fortianalyzer-and-fortimanager-stored-xss-vulnerability-in-report-filters" - }, - { - "name" : "93413", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93413" - }, - { - "name" : "1036981", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036981" - }, - { - "name" : "1036982", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036982" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the advanced settings page in Fortinet FortiManager 5.x before 5.0.12 and 5.2.x before 5.2.3, in hardware models with a hard disk, and FortiAnalyzer 5.x before 5.0.13 and 5.2.x before 5.2.3 allows remote administrators to inject arbitrary web script or HTML via vectors related to report filters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036981", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036981" + }, + { + "name": "1036982", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036982" + }, + { + "name": "93413", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93413" + }, + { + "name": "http://fortiguard.com/advisory/fortianalyzer-and-fortimanager-stored-xss-vulnerability-in-report-filters", + "refsource": "CONFIRM", + "url": "http://fortiguard.com/advisory/fortianalyzer-and-fortimanager-stored-xss-vulnerability-in-report-filters" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7495.json b/2015/7xxx/CVE-2015-7495.json index a817ba5474a..4ebb7d44058 100644 --- a/2015/7xxx/CVE-2015-7495.json +++ b/2015/7xxx/CVE-2015-7495.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7495", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7495", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0219.json b/2016/0xxx/CVE-2016-0219.json index 4ff7dcf586a..4691caa0674 100644 --- a/2016/0xxx/CVE-2016-0219.json +++ b/2016/0xxx/CVE-2016-0219.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0219", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote authenticated users to cause a denial of service via crafted XML data. IBM X-Force ID: 109693." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0219", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983720", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983720" - }, - { - "name" : "ibm-rtc-cve20160219-dos(109693)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/109693" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote authenticated users to cause a denial of service via crafted XML data. IBM X-Force ID: 109693." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ibm-rtc-cve20160219-dos(109693)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/109693" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0392.json b/2016/0xxx/CVE-2016-0392.json index 2e526feef62..2b33a643f97 100644 --- a/2016/0xxx/CVE-2016-0392.json +++ b/2016/0xxx/CVE-2016-0392.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0392", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a setuid program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0392", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160607 [CVE-2016-0392] IBM GPFS / Spectrum Scale Command Injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/538620/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005875", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005875" - }, - { - "name" : "IV84206", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV84206" - }, - { - "name" : "91082", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91082" - }, - { - "name" : "1036458", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036458" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a setuid program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91082", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91082" + }, + { + "name": "http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html" + }, + { + "name": "IV84206", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV84206" + }, + { + "name": "1036458", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036458" + }, + { + "name": "20160607 [CVE-2016-0392] IBM GPFS / Spectrum Scale Command Injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/538620/100/0/threaded" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005875", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005875" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0502.json b/2016/0xxx/CVE-2016-0502.json index 325d957bd25..3c307ef2f3f 100644 --- a/2016/0xxx/CVE-2016-0502.json +++ b/2016/0xxx/CVE-2016-0502.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0502", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0502", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "openSUSE-SU-2016:0367", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html" - }, - { - "name" : "openSUSE-SU-2016:0377", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html" - }, - { - "name" : "1034708", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034708" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0367", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html" + }, + { + "name": "1034708", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034708" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "openSUSE-SU-2016:0377", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0705.json b/2016/0xxx/CVE-2016-0705.json index 93a2f72cd99..0a840610e6c 100644 --- a/2016/0xxx/CVE-2016-0705.json +++ b/2016/0xxx/CVE-2016-0705.json @@ -1,337 +1,337 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0705", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0705", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://openssl.org/news/secadv/20160301.txt", - "refsource" : "CONFIRM", - "url" : "http://openssl.org/news/secadv/20160301.txt" - }, - { - "name" : "https://git.openssl.org/?p=openssl.git;a=commit;h=6c88c71b4e4825c7bc0489306d062d017634eb88", - "refsource" : "CONFIRM", - "url" : "https://git.openssl.org/?p=openssl.git;a=commit;h=6c88c71b4e4825c7bc0489306d062d017634eb88" - }, - { - "name" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168", - "refsource" : "CONFIRM", - "url" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "http://source.android.com/security/bulletin/2016-05-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-05-01.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131085", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131085" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150800", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150800" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05052990", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05052990" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05086877", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05086877" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05126404", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05126404" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05135617", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05135617" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05141441", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05141441" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150736", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150736" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946" - }, - { - "name" : "https://www.openssl.org/news/secadv/20160301.txt", - "refsource" : "CONFIRM", - "url" : "https://www.openssl.org/news/secadv/20160301.txt" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" - }, - { - "name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03741en_us", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03741en_us" - }, - { - "name" : "20160302 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl" - }, - { - "name" : "DSA-3500", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3500" - }, - { - "name" : "FEDORA-2016-2802690366", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178358.html" - }, - { - "name" : "FEDORA-2016-e6807b3394", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178817.html" - }, - { - "name" : "FreeBSD-SA-16:12", - "refsource" : "FREEBSD", - "url" : "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:12.openssl.asc" - }, - { - "name" : "GLSA-201603-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-15" - }, - { - "name" : "HPSBGN03563", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=145889460330120&w=2" - }, - { - "name" : "HPSBGN03569", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=145983526810210&w=2" - }, - { - "name" : "HPSBMU03575", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=146108058503441&w=2" - }, - { - "name" : "RHSA-2016:2957", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2957.html" - }, - { - "name" : "RHSA-2018:2568", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2568" - }, - { - "name" : "RHSA-2018:2575", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2575" - }, - { - "name" : "RHSA-2018:2713", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2713" - }, - { - "name" : "openSUSE-SU-2016:1566", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html" - }, - { - "name" : "openSUSE-SU-2016:1332", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html" - }, - { - "name" : "SUSE-SU-2016:1057", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html" - }, - { - "name" : "SUSE-SU-2016:0617", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html" - }, - { - "name" : "SUSE-SU-2016:0620", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html" - }, - { - "name" : "SUSE-SU-2016:0621", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html" - }, - { - "name" : "SUSE-SU-2016:0624", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html" - }, - { - "name" : "SUSE-SU-2016:0631", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html" - }, - { - "name" : "openSUSE-SU-2016:0627", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00005.html" - }, - { - "name" : "openSUSE-SU-2016:0628", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html" - }, - { - "name" : "openSUSE-SU-2016:0637", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html" - }, - { - "name" : "openSUSE-SU-2016:0638", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html" - }, - { - "name" : "USN-2914-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2914-1" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "83754", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/83754" - }, - { - "name" : "1035133", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035133" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2016-2802690366", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178358.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131085", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131085" + }, + { + "name": "http://source.android.com/security/bulletin/2016-05-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-05-01.html" + }, + { + "name": "RHSA-2018:2713", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2713" + }, + { + "name": "FEDORA-2016-e6807b3394", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178817.html" + }, + { + "name": "HPSBMU03575", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=146108058503441&w=2" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946" + }, + { + "name": "https://git.openssl.org/?p=openssl.git;a=commit;h=6c88c71b4e4825c7bc0489306d062d017634eb88", + "refsource": "CONFIRM", + "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=6c88c71b4e4825c7bc0489306d062d017634eb88" + }, + { + "name": "openSUSE-SU-2016:1332", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html" + }, + { + "name": "openSUSE-SU-2016:0638", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917" + }, + { + "name": "FreeBSD-SA-16:12", + "refsource": "FREEBSD", + "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:12.openssl.asc" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "SUSE-SU-2016:0621", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05135617", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05135617" + }, + { + "name": "HPSBGN03563", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=145889460330120&w=2" + }, + { + "name": "HPSBGN03569", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=145983526810210&w=2" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" + }, + { + "name": "RHSA-2018:2575", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2575" + }, + { + "name": "USN-2914-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2914-1" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150736", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150736" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "SUSE-SU-2016:1057", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html" + }, + { + "name": "openSUSE-SU-2016:1566", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html" + }, + { + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168", + "refsource": "CONFIRM", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05126404", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05126404" + }, + { + "name": "http://openssl.org/news/secadv/20160301.txt", + "refsource": "CONFIRM", + "url": "http://openssl.org/news/secadv/20160301.txt" + }, + { + "name": "20160302 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05086877", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05086877" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" + }, + { + "name": "RHSA-2018:2568", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2568" + }, + { + "name": "SUSE-SU-2016:0624", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176716" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05141441", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05141441" + }, + { + "name": "DSA-3500", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3500" + }, + { + "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03741en_us", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03741en_us" + }, + { + "name": "SUSE-SU-2016:0631", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html" + }, + { + "name": "https://www.openssl.org/news/secadv/20160301.txt", + "refsource": "CONFIRM", + "url": "https://www.openssl.org/news/secadv/20160301.txt" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "SUSE-SU-2016:0617", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html" + }, + { + "name": "RHSA-2016:2957", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" + }, + { + "name": "GLSA-201603-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-15" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681" + }, + { + "name": "openSUSE-SU-2016:0628", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html" + }, + { + "name": "1035133", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035133" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150800", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150800" + }, + { + "name": "SUSE-SU-2016:0620", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html" + }, + { + "name": "openSUSE-SU-2016:0637", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html" + }, + { + "name": "openSUSE-SU-2016:0627", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00005.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05052990", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05052990" + }, + { + "name": "83754", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/83754" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000125.json b/2016/1000xxx/CVE-2016-1000125.json index 2da105c6172..d1645f6fc77 100644 --- a/2016/1000xxx/CVE-2016-1000125.json +++ b/2016/1000xxx/CVE-2016-1000125.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000125", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000125", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "42598", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/42598/" - }, - { - "name" : "http://huge-it.com/joomla-catalog/", - "refsource" : "MISC", - "url" : "http://huge-it.com/joomla-catalog/" - }, - { - "name" : "http://www.vapidlabs.com/advisory.php?v=171", - "refsource" : "MISC", - "url" : "http://www.vapidlabs.com/advisory.php?v=171" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.vapidlabs.com/advisory.php?v=171", + "refsource": "MISC", + "url": "http://www.vapidlabs.com/advisory.php?v=171" + }, + { + "name": "42598", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/42598/" + }, + { + "name": "http://huge-it.com/joomla-catalog/", + "refsource": "MISC", + "url": "http://huge-it.com/joomla-catalog/" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10264.json b/2016/10xxx/CVE-2016-10264.json index 0e46c9b6562..697751e47da 100644 --- a/2016/10xxx/CVE-2016-10264.json +++ b/2016/10xxx/CVE-2016-10264.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10264", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10264", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10482.json b/2016/10xxx/CVE-2016-10482.json index a17072018c0..187561270c6 100644 --- a/2016/10xxx/CVE-2016-10482.json +++ b/2016/10xxx/CVE-2016-10482.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10482", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, while processing downlink information, an assert can be reached." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Reachable Assertion in LTE" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10482", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, while processing downlink information, an assert can be reached." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Reachable Assertion in LTE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10578.json b/2016/10xxx/CVE-2016-10578.json index feb007aac68..1b9fa222c4d 100644 --- a/2016/10xxx/CVE-2016-10578.json +++ b/2016/10xxx/CVE-2016-10578.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10578", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "unicode node module", - "version" : { - "version_data" : [ - { - "version_value" : "< 9.0.0" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "unicode loads unicode data downloaded from unicode.org into nodejs. Unicode before 9.0.0 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Encryption of Sensitive Data (CWE-311)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10578", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "unicode node module", + "version": { + "version_data": [ + { + "version_value": "< 9.0.0" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nodesecurity.io/advisories/161", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/161" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "unicode loads unicode data downloaded from unicode.org into nodejs. Unicode before 9.0.0 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Encryption of Sensitive Data (CWE-311)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/161", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/161" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10632.json b/2016/10xxx/CVE-2016-10632.json index c15627ba791..bdca90ebeae 100644 --- a/2016/10xxx/CVE-2016-10632.json +++ b/2016/10xxx/CVE-2016-10632.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10632", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "apk-parser2 node module", - "version" : { - "version_data" : [ - { - "version_value" : "All versions" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "apk-parser2 is a module which extracts Android Manifest info from an APK file. apk-parser2 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Encryption of Sensitive Data (CWE-311)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10632", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "apk-parser2 node module", + "version": { + "version_data": [ + { + "version_value": "All versions" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nodesecurity.io/advisories/223", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/223" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "apk-parser2 is a module which extracts Android Manifest info from an APK file. apk-parser2 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Encryption of Sensitive Data (CWE-311)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/223", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/223" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4038.json b/2016/4xxx/CVE-2016-4038.json index 704d072f81f..8c89fdca8ad 100644 --- a/2016/4xxx/CVE-2016-4038.json +++ b/2016/4xxx/CVE-2016-4038.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4038", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the gpio_config.gpio_name value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4038", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160418 CVE request - samsumg android phone msm_sensor_config function write some range kernel address with any value", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/04/17/2" - }, - { - "name" : "[oss-security] 20160418 Re: CVE request - samsumg android phone msm_sensor_config function write some range kernel address with any value", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/04/18/8" - }, - { - "name" : "http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016", - "refsource" : "CONFIRM", - "url" : "http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the gpio_config.gpio_name value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160418 CVE request - samsumg android phone msm_sensor_config function write some range kernel address with any value", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/04/17/2" + }, + { + "name": "http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016", + "refsource": "CONFIRM", + "url": "http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016" + }, + { + "name": "[oss-security] 20160418 Re: CVE request - samsumg android phone msm_sensor_config function write some range kernel address with any value", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/04/18/8" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4109.json b/2016/4xxx/CVE-2016-4109.json index f6e2a8ae0ea..837c8b48234 100644 --- a/2016/4xxx/CVE-2016-4109.json +++ b/2016/4xxx/CVE-2016-4109.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4109", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4109", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" - }, - { - "name" : "MS16-064", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064" - }, - { - "name" : "RHSA-2016:1079", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1079.html" - }, - { - "name" : "SUSE-SU-2016:1305", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" - }, - { - "name" : "90618", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90618" - }, - { - "name" : "1035827", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035827" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1305", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" + }, + { + "name": "90618", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90618" + }, + { + "name": "1035827", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035827" + }, + { + "name": "MS16-064", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" + }, + { + "name": "RHSA-2016:1079", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4222.json b/2016/4xxx/CVE-2016-4222.json index f5d1d7404c2..852bc79188a 100644 --- a/2016/4xxx/CVE-2016-4222.json +++ b/2016/4xxx/CVE-2016-4222.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4222", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4222", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-425", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-425" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" - }, - { - "name" : "GLSA-201607-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201607-03" - }, - { - "name" : "MS16-093", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" - }, - { - "name" : "RHSA-2016:1423", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1423" - }, - { - "name" : "SUSE-SU-2016:1826", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" - }, - { - "name" : "openSUSE-SU-2016:1802", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" - }, - { - "name" : "91719", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91719" - }, - { - "name" : "1036280", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036280" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, and CVE-2016-4248." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1826", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" + }, + { + "name": "GLSA-201607-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201607-03" + }, + { + "name": "openSUSE-SU-2016:1802", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" + }, + { + "name": "91719", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91719" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" + }, + { + "name": "RHSA-2016:1423", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1423" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-425", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-425" + }, + { + "name": "MS16-093", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093" + }, + { + "name": "1036280", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036280" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4455.json b/2016/4xxx/CVE-2016-4455.json index 6514cb16f59..f94f20b5be9 100644 --- a/2016/4xxx/CVE-2016-4455.json +++ b/2016/4xxx/CVE-2016-4455.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4455", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-4455", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161026 CVE-2016-4455: subscription-manager: incorrect permisions in /var/lib/rhsm/", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/10/26/5" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1340525", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1340525" - }, - { - "name" : "https://github.com/candlepin/subscription-manager/blob/subscription-manager-1.17.7-1/subscription-manager.spec", - "refsource" : "CONFIRM", - "url" : "https://github.com/candlepin/subscription-manager/blob/subscription-manager-1.17.7-1/subscription-manager.spec" - }, - { - "name" : "https://github.com/candlepin/subscription-manager/commit/9dec31", - "refsource" : "CONFIRM", - "url" : "https://github.com/candlepin/subscription-manager/commit/9dec31" - }, - { - "name" : "RHSA-2016:2592", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2592.html" - }, - { - "name" : "RHSA-2017:0698", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0698.html" - }, - { - "name" : "93926", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93926" - }, - { - "name" : "1038083", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038083" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1340525", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340525" + }, + { + "name": "1038083", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038083" + }, + { + "name": "[oss-security] 20161026 CVE-2016-4455: subscription-manager: incorrect permisions in /var/lib/rhsm/", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/10/26/5" + }, + { + "name": "93926", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93926" + }, + { + "name": "RHSA-2016:2592", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2592.html" + }, + { + "name": "https://github.com/candlepin/subscription-manager/commit/9dec31", + "refsource": "CONFIRM", + "url": "https://github.com/candlepin/subscription-manager/commit/9dec31" + }, + { + "name": "https://github.com/candlepin/subscription-manager/blob/subscription-manager-1.17.7-1/subscription-manager.spec", + "refsource": "CONFIRM", + "url": "https://github.com/candlepin/subscription-manager/blob/subscription-manager-1.17.7-1/subscription-manager.spec" + }, + { + "name": "RHSA-2017:0698", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0698.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9497.json b/2016/9xxx/CVE-2016-9497.json index 2e564853908..b5ccfcd2ab9 100644 --- a/2016/9xxx/CVE-2016-9497.json +++ b/2016/9xxx/CVE-2016-9497.json @@ -1,94 +1,94 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-9497", - "STATE" : "PUBLIC", - "TITLE" : "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "HN7740S", - "version" : { - "version_data" : [ - { - "affected" : "?", - "version_value" : "N/A" - } - ] - } - }, - { - "product_name" : "DW7000", - "version" : { - "version_data" : [ - { - "affected" : "?", - "version_value" : "N/A" - } - ] - } - }, - { - "product_name" : "HN7000S/SM", - "version" : { - "version_data" : [ - { - "affected" : "?", - "version_value" : "N/A" - } - ] - } - } - ] - }, - "vendor_name" : "Hughes Satellite Modem" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-288" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-9497", + "STATE": "PUBLIC", + "TITLE": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "HN7740S", + "version": { + "version_data": [ + { + "affected": "?", + "version_value": "N/A" + } + ] + } + }, + { + "product_name": "DW7000", + "version": { + "version_data": [ + { + "affected": "?", + "version_value": "N/A" + } + ] + } + }, + { + "product_name": "HN7000S/SM", + "version": { + "version_data": [ + { + "affected": "?", + "version_value": "N/A" + } + ] + } + } + ] + }, + "vendor_name": "Hughes Satellite Modem" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#614751", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/614751" - }, - { - "name" : "96244", - "refsource" : "BID", - "url" : "https://www.securityfocus.com/bid/96244" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-288" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "96244", + "refsource": "BID", + "url": "https://www.securityfocus.com/bid/96244" + }, + { + "name": "VU#614751", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/614751" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9789.json b/2016/9xxx/CVE-2016-9789.json index 93075d604e5..a3d5e69b193 100644 --- a/2016/9xxx/CVE-2016-9789.json +++ b/2016/9xxx/CVE-2016-9789.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9789", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9789", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2523.json b/2019/2xxx/CVE-2019-2523.json index 0fc8c879bb7..adcdd44ddfa 100644 --- a/2019/2xxx/CVE-2019-2523.json +++ b/2019/2xxx/CVE-2019-2523.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2019-2523", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "VM VirtualBox", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "5.2.24" - }, - { - "version_affected" : "<", - "version_value" : "6.0.2" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2019-2523", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "VM VirtualBox", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.2.24" + }, + { + "version_affected": "<", + "version_value": "6.0.2" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, - { - "name" : "106568", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106568" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + }, + { + "name": "106568", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106568" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2945.json b/2019/2xxx/CVE-2019-2945.json index bdee32207d9..d9eff810ce7 100644 --- a/2019/2xxx/CVE-2019-2945.json +++ b/2019/2xxx/CVE-2019-2945.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2945", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2945", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3279.json b/2019/3xxx/CVE-2019-3279.json index 64c5eeeaf86..cfe29a25f2a 100644 --- a/2019/3xxx/CVE-2019-3279.json +++ b/2019/3xxx/CVE-2019-3279.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3279", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3279", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3312.json b/2019/3xxx/CVE-2019-3312.json index 80c944efd3f..be1dda08611 100644 --- a/2019/3xxx/CVE-2019-3312.json +++ b/2019/3xxx/CVE-2019-3312.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3312", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3312", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3459.json b/2019/3xxx/CVE-2019-3459.json index 65a822faa3d..00da58955ac 100644 --- a/2019/3xxx/CVE-2019-3459.json +++ b/2019/3xxx/CVE-2019-3459.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3459", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3459", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3791.json b/2019/3xxx/CVE-2019-3791.json index aa62ee5a76a..091f5c133d2 100644 --- a/2019/3xxx/CVE-2019-3791.json +++ b/2019/3xxx/CVE-2019-3791.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3791", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3791", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6011.json b/2019/6xxx/CVE-2019-6011.json index 341ac1a19d1..2fda1d12026 100644 --- a/2019/6xxx/CVE-2019-6011.json +++ b/2019/6xxx/CVE-2019-6011.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6011", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6011", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6177.json b/2019/6xxx/CVE-2019-6177.json index 452fb284fc7..49ea9c99258 100644 --- a/2019/6xxx/CVE-2019-6177.json +++ b/2019/6xxx/CVE-2019-6177.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6177", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6177", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6312.json b/2019/6xxx/CVE-2019-6312.json index d57bb594708..49070f5f064 100644 --- a/2019/6xxx/CVE-2019-6312.json +++ b/2019/6xxx/CVE-2019-6312.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6312", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6312", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6886.json b/2019/6xxx/CVE-2019-6886.json index a7473a6d2c9..2021607bf06 100644 --- a/2019/6xxx/CVE-2019-6886.json +++ b/2019/6xxx/CVE-2019-6886.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6886", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6886", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7409.json b/2019/7xxx/CVE-2019-7409.json index 2eccd55f15c..7a42f73906b 100644 --- a/2019/7xxx/CVE-2019-7409.json +++ b/2019/7xxx/CVE-2019-7409.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7409", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7409", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7566.json b/2019/7xxx/CVE-2019-7566.json index 5d56c4b63aa..b1c8531af96 100644 --- a/2019/7xxx/CVE-2019-7566.json +++ b/2019/7xxx/CVE-2019-7566.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7566", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CSZ CMS 1.1.8 has CSRF via admin/users/new/add." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7566", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/cskaza/cszcms/issues/17", - "refsource" : "MISC", - "url" : "https://github.com/cskaza/cszcms/issues/17" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CSZ CMS 1.1.8 has CSRF via admin/users/new/add." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/cskaza/cszcms/issues/17", + "refsource": "MISC", + "url": "https://github.com/cskaza/cszcms/issues/17" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7575.json b/2019/7xxx/CVE-2019-7575.json index e564413743f..ce729baede2 100644 --- a/2019/7xxx/CVE-2019-7575.json +++ b/2019/7xxx/CVE-2019-7575.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7575", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7575", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20190313 [SECURITY] [DLA 1713-1] libsdl1.2 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/03/msg00015.html" - }, - { - "name" : "[debian-lts-announce] 20190313 [SECURITY] [DLA 1714-1] libsdl2 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/03/msg00016.html" - }, - { - "name" : "https://bugzilla.libsdl.org/show_bug.cgi?id=4493", - "refsource" : "MISC", - "url" : "https://bugzilla.libsdl.org/show_bug.cgi?id=4493" - }, - { - "name" : "https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720", - "refsource" : "MISC", - "url" : "https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[debian-lts-announce] 20190313 [SECURITY] [DLA 1714-1] libsdl2 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00016.html" + }, + { + "name": "[debian-lts-announce] 20190313 [SECURITY] [DLA 1713-1] libsdl1.2 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00015.html" + }, + { + "name": "https://bugzilla.libsdl.org/show_bug.cgi?id=4493", + "refsource": "MISC", + "url": "https://bugzilla.libsdl.org/show_bug.cgi?id=4493" + }, + { + "name": "https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720", + "refsource": "MISC", + "url": "https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7617.json b/2019/7xxx/CVE-2019-7617.json index 44b3317e8ea..66663f9502d 100644 --- a/2019/7xxx/CVE-2019-7617.json +++ b/2019/7xxx/CVE-2019-7617.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7617", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7617", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8068.json b/2019/8xxx/CVE-2019-8068.json index 4385c68e2ce..edb86aaadec 100644 --- a/2019/8xxx/CVE-2019-8068.json +++ b/2019/8xxx/CVE-2019-8068.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8068", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8068", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8086.json b/2019/8xxx/CVE-2019-8086.json index fd314b06faa..2e1f46b5a26 100644 --- a/2019/8xxx/CVE-2019-8086.json +++ b/2019/8xxx/CVE-2019-8086.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8086", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8086", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8181.json b/2019/8xxx/CVE-2019-8181.json index d4772581f29..bb0f2e67d51 100644 --- a/2019/8xxx/CVE-2019-8181.json +++ b/2019/8xxx/CVE-2019-8181.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8181", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8181", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8720.json b/2019/8xxx/CVE-2019-8720.json index d6331072436..694ca94d61b 100644 --- a/2019/8xxx/CVE-2019-8720.json +++ b/2019/8xxx/CVE-2019-8720.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8720", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8720", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9153.json b/2019/9xxx/CVE-2019-9153.json index f766d4d144b..99ea11a73d6 100644 --- a/2019/9xxx/CVE-2019-9153.json +++ b/2019/9xxx/CVE-2019-9153.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9153", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9153", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9669.json b/2019/9xxx/CVE-2019-9669.json index 205024ef6a7..39a3b7206d0 100644 --- a/2019/9xxx/CVE-2019-9669.json +++ b/2019/9xxx/CVE-2019-9669.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9669", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9669", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9724.json b/2019/9xxx/CVE-2019-9724.json index 25acf2c7e26..d2fcfad4528 100644 --- a/2019/9xxx/CVE-2019-9724.json +++ b/2019/9xxx/CVE-2019-9724.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9724", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9724", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file