diff --git a/1999/0xxx/CVE-1999-0082.json b/1999/0xxx/CVE-1999-0082.json index 35e8010c393..946a69a2b2c 100644 --- a/1999/0xxx/CVE-1999-0082.json +++ b/1999/0xxx/CVE-1999-0082.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0082", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CWD ~root command in ftpd allows root access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0082", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "Improving the Security of Your Site by Breaking Into it", - "refsource" : "FARMERVENEMA", - "url" : "http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CWD ~root command in ftpd allows root access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "Improving the Security of Your Site by Breaking Into it", + "refsource": "FARMERVENEMA", + "url": "http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0110.json b/1999/0xxx/CVE-1999-0110.json index 9b74f650814..4a9eda6ea30 100644 --- a/1999/0xxx/CVE-1999-0110.json +++ b/1999/0xxx/CVE-1999-0110.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0110", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0315. Reason: This candidate's original description had a typo that delayed it from being detected as a duplicate of CVE-1999-0315. Notes: All CVE users should reference CVE-1999-0315 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-1999-0110", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0315. Reason: This candidate's original description had a typo that delayed it from being detected as a duplicate of CVE-1999-0315. Notes: All CVE users should reference CVE-1999-0315 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0738.json b/2007/0xxx/CVE-2007-0738.json index 3fdcfb2191d..63f0abae997 100644 --- a/2007/0xxx/CVE-2007-0738.json +++ b/2007/0xxx/CVE-2007-0738.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0738", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not display the screen saver authentication dialog in certain circumstances when waking from sleep, even though the \"require a password to wake the computer from sleep\" option is enabled, which allows local users to bypass authentication controls." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0738", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.info.apple.com/article.html?artnum=305391", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=305391" - }, - { - "name" : "APPLE-SA-2007-04-19", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html" - }, - { - "name" : "TA07-109A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-109A.html" - }, - { - "name" : "23569", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23569" - }, - { - "name" : "ADV-2007-1470", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1470" - }, - { - "name" : "34863", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/34863" - }, - { - "name" : "1017939", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017939" - }, - { - "name" : "24966", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24966" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not display the screen saver authentication dialog in certain circumstances when waking from sleep, even though the \"require a password to wake the computer from sleep\" option is enabled, which allows local users to bypass authentication controls." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24966", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24966" + }, + { + "name": "34863", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/34863" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=305391", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=305391" + }, + { + "name": "23569", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23569" + }, + { + "name": "TA07-109A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html" + }, + { + "name": "1017939", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017939" + }, + { + "name": "APPLE-SA-2007-04-19", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html" + }, + { + "name": "ADV-2007-1470", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1470" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0740.json b/2007/0xxx/CVE-2007-0740.json index 6dbdedbdcd8..29852b3dfe1 100644 --- a/2007/0xxx/CVE-2007-0740.json +++ b/2007/0xxx/CVE-2007-0740.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0740", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display files with the same name in mounted disk images that have the same name, which might allow user-assisted attackers to trick a user into executing malicious files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0740", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.info.apple.com/article.html?artnum=305530", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=305530" - }, - { - "name" : "APPLE-SA-2007-05-24", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html" - }, - { - "name" : "24144", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24144" - }, - { - "name" : "ADV-2007-1939", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1939" - }, - { - "name" : "35147", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/35147" - }, - { - "name" : "1018121", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018121" - }, - { - "name" : "25402", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25402" - }, - { - "name" : "macos-diskimage-code-execution(34498)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34498" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display files with the same name in mounted disk images that have the same name, which might allow user-assisted attackers to trick a user into executing malicious files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://docs.info.apple.com/article.html?artnum=305530", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=305530" + }, + { + "name": "ADV-2007-1939", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1939" + }, + { + "name": "APPLE-SA-2007-05-24", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html" + }, + { + "name": "25402", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25402" + }, + { + "name": "1018121", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018121" + }, + { + "name": "24144", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24144" + }, + { + "name": "macos-diskimage-code-execution(34498)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34498" + }, + { + "name": "35147", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/35147" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0764.json b/2007/0xxx/CVE-2007-0764.json index 471a2e1e264..79e96527e68 100644 --- a/2007/0xxx/CVE-2007-0764.json +++ b/2007/0xxx/CVE-2007-0764.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0764", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in F3Site 2.1 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP scripts via GIF86 header in a file in the uplf parameter, which can be later accessed via a relative pathname in the dir parameter in adm.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0764", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3255", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3255" - }, - { - "name" : "34669", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34669" - }, - { - "name" : "f3site-adm-file-upload(32189)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32189" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in F3Site 2.1 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP scripts via GIF86 header in a file in the uplf parameter, which can be later accessed via a relative pathname in the dir parameter in adm.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34669", + "refsource": "OSVDB", + "url": "http://osvdb.org/34669" + }, + { + "name": "f3site-adm-file-upload(32189)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32189" + }, + { + "name": "3255", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3255" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1357.json b/2007/1xxx/CVE-2007-1357.json index 41a3c006df1..334196d8eb4 100644 --- a/2007/1xxx/CVE-2007-1357.json +++ b/2007/1xxx/CVE-2007-1357.json @@ -1,172 +1,172 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1357", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of service (crash) via an AppleTalk frame that is shorter than the specified length, which triggers a BUG_ON call when an attempt is made to perform a checksum." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-1357", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070615 rPSA-2007-0124-1 kernel xen", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/471457" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.5", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.5" - }, - { - "name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235857", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235857" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1244", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1244" - }, - { - "name" : "DSA-1286", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1286" - }, - { - "name" : "DSA-1304", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1304" - }, - { - "name" : "SUSE-SA:2007:029", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html" - }, - { - "name" : "SUSE-SA:2007:030", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_30_kernel.html" - }, - { - "name" : "SUSE-SA:2007:035", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_35_kernel.html" - }, - { - "name" : "SUSE-SA:2007:043", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_43_kernel.html" - }, - { - "name" : "USN-464-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-464-1" - }, - { - "name" : "23376", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23376" - }, - { - "name" : "ADV-2007-1340", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1340" - }, - { - "name" : "24793", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24793" - }, - { - "name" : "24901", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24901" - }, - { - "name" : "25078", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25078" - }, - { - "name" : "25099", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25099" - }, - { - "name" : "25392", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25392" - }, - { - "name" : "25683", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25683" - }, - { - "name" : "25714", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25714" - }, - { - "name" : "25691", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25691" - }, - { - "name" : "25961", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25961" - }, - { - "name" : "25226", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25226" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of service (crash) via an AppleTalk frame that is shorter than the specified length, which triggers a BUG_ON call when an attempt is made to perform a checksum." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-1286", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1286" + }, + { + "name": "ADV-2007-1340", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1340" + }, + { + "name": "USN-464-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-464-1" + }, + { + "name": "SUSE-SA:2007:043", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html" + }, + { + "name": "24901", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24901" + }, + { + "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235857", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=235857" + }, + { + "name": "23376", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23376" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1244", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1244" + }, + { + "name": "25226", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25226" + }, + { + "name": "SUSE-SA:2007:029", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.5", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.5" + }, + { + "name": "25683", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25683" + }, + { + "name": "24793", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24793" + }, + { + "name": "25099", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25099" + }, + { + "name": "20070615 rPSA-2007-0124-1 kernel xen", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/471457" + }, + { + "name": "25961", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25961" + }, + { + "name": "25078", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25078" + }, + { + "name": "25392", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25392" + }, + { + "name": "SUSE-SA:2007:030", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_30_kernel.html" + }, + { + "name": "DSA-1304", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1304" + }, + { + "name": "25714", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25714" + }, + { + "name": "SUSE-SA:2007:035", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_35_kernel.html" + }, + { + "name": "25691", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25691" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1411.json b/2007/1xxx/CVE-2007-1411.json index 2ed025e6b74..da37f3b093b 100644 --- a/2007/1xxx/CVE-2007-1411.json +++ b/2007/1xxx/CVE-2007-1411.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1411", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versions, allows local and possibly remote attackers to execute arbitrary code via long server name arguments to the (1) mssql_connect and (2) mssql_pconnect functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1411", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070306 PHP <= 4.4.6 mssql_connect() & mssql_pconnect() local buffer overflow and safe_mode bypass", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462010/100/0/threaded" - }, - { - "name" : "http://retrogod.altervista.org/php_446_mssql_connect_bof.html", - "refsource" : "MISC", - "url" : "http://retrogod.altervista.org/php_446_mssql_connect_bof.html" - }, - { - "name" : "22832", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22832" - }, - { - "name" : "ADV-2007-0867", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0867" - }, - { - "name" : "24353", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24353" - }, - { - "name" : "2407", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2407" - }, - { - "name" : "php-ntwdblib-bo(32885)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32885" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versions, allows local and possibly remote attackers to execute arbitrary code via long server name arguments to the (1) mssql_connect and (2) mssql_pconnect functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2407", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2407" + }, + { + "name": "ADV-2007-0867", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0867" + }, + { + "name": "24353", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24353" + }, + { + "name": "22832", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22832" + }, + { + "name": "20070306 PHP <= 4.4.6 mssql_connect() & mssql_pconnect() local buffer overflow and safe_mode bypass", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462010/100/0/threaded" + }, + { + "name": "http://retrogod.altervista.org/php_446_mssql_connect_bof.html", + "refsource": "MISC", + "url": "http://retrogod.altervista.org/php_446_mssql_connect_bof.html" + }, + { + "name": "php-ntwdblib-bo(32885)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32885" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1590.json b/2007/1xxx/CVE-2007-1590.json index f81a183c432..6d1b066a40d 100644 --- a/2007/1xxx/CVE-2007-1590.json +++ b/2007/1xxx/CVE-2007-1590.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1590", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Grandstream BudgeTone 200 IP phone, with program 1.1.1.14 and bootloader 1.1.1.5, allows remote attackers to cause a denial of service (device crash) via SIP (1) INVITE, (2) CANCEL, or unspecified other messages with a WWW-Authenticate header containing a crafted Digest domain." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1590", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070321 Grandstream Budge Tone-200 denial of service vulnerability", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/053099.html" - }, - { - "name" : "23075", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23075" - }, - { - "name" : "ADV-2007-1054", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1054" - }, - { - "name" : "34347", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34347" - }, - { - "name" : "1017804", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017804" - }, - { - "name" : "24538", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24538" - }, - { - "name" : "grandstream-wwwauthenticate-dos(33108)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33108" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Grandstream BudgeTone 200 IP phone, with program 1.1.1.14 and bootloader 1.1.1.5, allows remote attackers to cause a denial of service (device crash) via SIP (1) INVITE, (2) CANCEL, or unspecified other messages with a WWW-Authenticate header containing a crafted Digest domain." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "grandstream-wwwauthenticate-dos(33108)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33108" + }, + { + "name": "23075", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23075" + }, + { + "name": "1017804", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017804" + }, + { + "name": "24538", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24538" + }, + { + "name": "34347", + "refsource": "OSVDB", + "url": "http://osvdb.org/34347" + }, + { + "name": "ADV-2007-1054", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1054" + }, + { + "name": "20070321 Grandstream Budge Tone-200 denial of service vulnerability", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/053099.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1977.json b/2007/1xxx/CVE-2007-1977.json index 36f407cf3c8..7633c7e330e 100644 --- a/2007/1xxx/CVE-2007-1977.json +++ b/2007/1xxx/CVE-2007-1977.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1977", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in index_cms.php in holaCMS 1.4.10 allows remote attackers to inject arbitrary web script or HTML via the acuparam parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1977", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070403 [MajorSecurity Advisory #37]HolaCMS - Cross Site Scripting Issue", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464572/100/200/threaded" - }, - { - "name" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls37", - "refsource" : "MISC", - "url" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls37" - }, - { - "name" : "23288", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23288" - }, - { - "name" : "34685", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34685" - }, - { - "name" : "24656", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24656" - }, - { - "name" : "holacms-indexcms-xss(33392)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33392" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in index_cms.php in holaCMS 1.4.10 allows remote attackers to inject arbitrary web script or HTML via the acuparam parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24656", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24656" + }, + { + "name": "20070403 [MajorSecurity Advisory #37]HolaCMS - Cross Site Scripting Issue", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464572/100/200/threaded" + }, + { + "name": "holacms-indexcms-xss(33392)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33392" + }, + { + "name": "23288", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23288" + }, + { + "name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls37", + "refsource": "MISC", + "url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls37" + }, + { + "name": "34685", + "refsource": "OSVDB", + "url": "http://osvdb.org/34685" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5141.json b/2007/5xxx/CVE-2007-5141.json index dd13a3c6280..7bf1d6c8fe9 100644 --- a/2007/5xxx/CVE-2007-5141.json +++ b/2007/5xxx/CVE-2007-5141.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5141", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in search.php in SiteX CMS 0.7.3 Beta allows remote attackers to execute arbitrary SQL commands via the search parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5141", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070927 [waraxe-2007-SA#055] - Sql Injection in SiteX CMS 0.7.3 Beta", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/480814/100/0/threaded" - }, - { - "name" : "http://www.waraxe.us/advisory-55.html", - "refsource" : "MISC", - "url" : "http://www.waraxe.us/advisory-55.html" - }, - { - "name" : "3178", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3178" - }, - { - "name" : "sitex-search-sql-injection(36836)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36836" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in search.php in SiteX CMS 0.7.3 Beta allows remote attackers to execute arbitrary SQL commands via the search parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3178", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3178" + }, + { + "name": "http://www.waraxe.us/advisory-55.html", + "refsource": "MISC", + "url": "http://www.waraxe.us/advisory-55.html" + }, + { + "name": "sitex-search-sql-injection(36836)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36836" + }, + { + "name": "20070927 [waraxe-2007-SA#055] - Sql Injection in SiteX CMS 0.7.3 Beta", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/480814/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5384.json b/2007/5xxx/CVE-2007-5384.json index c8db50581ce..792332393fe 100644 --- a/2007/5xxx/CVE-2007-5384.json +++ b/2007/5xxx/CVE-2007-5384.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5384", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allow remote attackers to perform actions as administrators via unspecified POST requests, as demonstrated by enabling an inbound remote-assistance HTTPS session on TCP port 51003. NOTE: an authentication bypass can be leveraged to exploit this in the absence of an existing administrative session. NOTE: SpeedTouch 780 might also be affected by some of these issues." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5384", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071008 BT Home Flub: Pwnin the BT Home Hub", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/481835/100/0/threaded" - }, - { - "name" : "http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub", - "refsource" : "MISC", - "url" : "http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub" - }, - { - "name" : "http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/", - "refsource" : "MISC", - "url" : "http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/" - }, - { - "name" : "25972", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25972" - }, - { - "name" : "3213", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3213" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allow remote attackers to perform actions as administrators via unspecified POST requests, as demonstrated by enabling an inbound remote-assistance HTTPS session on TCP port 51003. NOTE: an authentication bypass can be leveraged to exploit this in the absence of an existing administrative session. NOTE: SpeedTouch 780 might also be affected by some of these issues." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3213", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3213" + }, + { + "name": "25972", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25972" + }, + { + "name": "20071008 BT Home Flub: Pwnin the BT Home Hub", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/481835/100/0/threaded" + }, + { + "name": "http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub", + "refsource": "MISC", + "url": "http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub" + }, + { + "name": "http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/", + "refsource": "MISC", + "url": "http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5489.json b/2007/5xxx/CVE-2007-5489.json index 51749fc6996..9325ebc3af5 100644 --- a/2007/5xxx/CVE-2007-5489.json +++ b/2007/5xxx/CVE-2007-5489.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5489", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5489", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4538", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4538" - }, - { - "name" : "26090", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26090" - }, - { - "name" : "27269", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27269" - }, - { - "name" : "artmedic-index-file-include(37240)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37240" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "artmedic-index-file-include(37240)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37240" + }, + { + "name": "26090", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26090" + }, + { + "name": "4538", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4538" + }, + { + "name": "27269", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27269" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5715.json b/2007/5xxx/CVE-2007-5715.json index 2a6ad3bf357..21c5b6815a0 100644 --- a/2007/5xxx/CVE-2007-5715.json +++ b/2007/5xxx/CVE-2007-5715.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5715", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "DenyHosts 2.6 processes OpenSSH sshd \"not listed in AllowUsers\" log messages with an incorrect regular expression that does not match an IP address, which might allow remote attackers to avoid detection and blocking when making invalid login attempts with a username not present in AllowUsers, as demonstrated by the root username, a different vulnerability than CVE-2007-4323." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5715", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=181213", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=181213" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=237449", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=237449" - }, - { - "name" : "45298", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45298" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "DenyHosts 2.6 processes OpenSSH sshd \"not listed in AllowUsers\" log messages with an incorrect regular expression that does not match an IP address, which might allow remote attackers to avoid detection and blocking when making invalid login attempts with a username not present in AllowUsers, as demonstrated by the root username, a different vulnerability than CVE-2007-4323." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=237449", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=237449" + }, + { + "name": "45298", + "refsource": "OSVDB", + "url": "http://osvdb.org/45298" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=181213", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=181213" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3593.json b/2015/3xxx/CVE-2015-3593.json index fb439444ad1..aeb10bf4fd1 100644 --- a/2015/3xxx/CVE-2015-3593.json +++ b/2015/3xxx/CVE-2015-3593.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3593", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3593", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3961.json b/2015/3xxx/CVE-2015-3961.json index 6c51950c531..a8cd50bdad0 100644 --- a/2015/3xxx/CVE-2015-3961.json +++ b/2015/3xxx/CVE-2015-3961.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3961", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allows remote authenticated users to cause a denial of service (memory corruption and reboot) via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-3961", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-167-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-167-01" - }, - { - "name" : "http://www.garrettcom.com/techsupport/MNS6K_R456_Release_Notes.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.garrettcom.com/techsupport/MNS6K_R456_Release_Notes.pdf" - }, - { - "name" : "75228", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75228" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allows remote authenticated users to cause a denial of service (memory corruption and reboot) via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "75228", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75228" + }, + { + "name": "http://www.garrettcom.com/techsupport/MNS6K_R456_Release_Notes.pdf", + "refsource": "CONFIRM", + "url": "http://www.garrettcom.com/techsupport/MNS6K_R456_Release_Notes.pdf" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-167-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-167-01" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6612.json b/2015/6xxx/CVE-2015-6612.json index 13c201a8534..173845f4faf 100644 --- a/2015/6xxx/CVE-2015-6612.json +++ b/2015/6xxx/CVE-2015-6612.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6612", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libmedia in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to gain privileges via a crafted application, aka internal bug 23540426." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-6612", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[android-security-updates] 20151102 Nexus Security Bulletin (November 2015)", - "refsource" : "MLIST", - "url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/n1aw2MGce4E/jhpVEWDUCAAJ" - }, - { - "name" : "1034049", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034049" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libmedia in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to gain privileges via a crafted application, aka internal bug 23540426." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[android-security-updates] 20151102 Nexus Security Bulletin (November 2015)", + "refsource": "MLIST", + "url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/n1aw2MGce4E/jhpVEWDUCAAJ" + }, + { + "name": "1034049", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034049" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6767.json b/2015/6xxx/CVE-2015-6767.json index 5d1d658737d..4d4d3801f9e 100644 --- a/2015/6xxx/CVE-2015-6767.json +++ b/2015/6xxx/CVE-2015-6767.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6767", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in content/browser/appcache/appcache_dispatcher_host.cc in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect pointer maintenance associated with certain callbacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2015-6767", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=554908", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=554908" - }, - { - "name" : "https://codereview.chromium.org/1441683004/", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1441683004/" - }, - { - "name" : "DSA-3415", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3415" - }, - { - "name" : "GLSA-201603-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-09" - }, - { - "name" : "openSUSE-SU-2015:2290", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html" - }, - { - "name" : "openSUSE-SU-2015:2291", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html" - }, - { - "name" : "USN-2825-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2825-1" - }, - { - "name" : "78416", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78416" - }, - { - "name" : "1034298", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034298" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in content/browser/appcache/appcache_dispatcher_host.cc in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect pointer maintenance associated with certain callbacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://codereview.chromium.org/1441683004/", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1441683004/" + }, + { + "name": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html" + }, + { + "name": "USN-2825-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2825-1" + }, + { + "name": "openSUSE-SU-2015:2290", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html" + }, + { + "name": "GLSA-201603-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-09" + }, + { + "name": "78416", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78416" + }, + { + "name": "DSA-3415", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3415" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=554908", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=554908" + }, + { + "name": "openSUSE-SU-2015:2291", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html" + }, + { + "name": "1034298", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034298" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7084.json b/2015/7xxx/CVE-2015-7084.json index 3bc0388cb05..f303e12d10e 100644 --- a/2015/7xxx/CVE-2015-7084.json +++ b/2015/7xxx/CVE-2015-7084.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7084", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7084", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39357", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39357/" - }, - { - "name" : "39366", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39366/" - }, - { - "name" : "https://support.apple.com/HT205635", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205635" - }, - { - "name" : "https://support.apple.com/HT205637", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205637" - }, - { - "name" : "https://support.apple.com/HT205640", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205640" - }, - { - "name" : "https://support.apple.com/HT205641", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205641" - }, - { - "name" : "APPLE-SA-2015-12-08-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" - }, - { - "name" : "APPLE-SA-2015-12-08-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-12-08-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" - }, - { - "name" : "APPLE-SA-2015-12-08-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" - }, - { - "name" : "78719", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78719" - }, - { - "name" : "1034344", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7083." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205635", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205635" + }, + { + "name": "https://support.apple.com/HT205637", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205637" + }, + { + "name": "1034344", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034344" + }, + { + "name": "APPLE-SA-2015-12-08-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" + }, + { + "name": "APPLE-SA-2015-12-08-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" + }, + { + "name": "39357", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39357/" + }, + { + "name": "78719", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78719" + }, + { + "name": "39366", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39366/" + }, + { + "name": "APPLE-SA-2015-12-08-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" + }, + { + "name": "https://support.apple.com/HT205641", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205641" + }, + { + "name": "https://support.apple.com/HT205640", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205640" + }, + { + "name": "APPLE-SA-2015-12-08-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7356.json b/2015/7xxx/CVE-2015-7356.json index 4bfa9c3a38f..a4e3c593300 100644 --- a/2015/7xxx/CVE-2015-7356.json +++ b/2015/7xxx/CVE-2015-7356.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7356", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7356", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7411.json b/2015/7xxx/CVE-2015-7411.json index 0e028aa64c4..747517f2399 100644 --- a/2015/7xxx/CVE-2015-7411.json +++ b/2015/7xxx/CVE-2015-7411.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7411", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-7411", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21973559", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21973559" - }, - { - "name" : "IV77992", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV77992" - }, - { - "name" : "1035240", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035240" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035240", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035240" + }, + { + "name": "IV77992", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV77992" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21973559", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973559" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7689.json b/2015/7xxx/CVE-2015-7689.json index 24cf6f0481b..beb1438402a 100644 --- a/2015/7xxx/CVE-2015-7689.json +++ b/2015/7xxx/CVE-2015-7689.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7689", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7689", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7901.json b/2015/7xxx/CVE-2015-7901.json index 33fb4dc371a..ea11662e71f 100644 --- a/2015/7xxx/CVE-2015-7901.json +++ b/2015/7xxx/CVE-2015-7901.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7901", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-7901", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "42698", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/42698/" - }, - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-02" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42698", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/42698/" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-02" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8054.json b/2015/8xxx/CVE-2015-8054.json index c016b262b6f..cd10071da34 100644 --- a/2015/8xxx/CVE-2015-8054.json +++ b/2015/8xxx/CVE-2015-8054.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8054", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8054", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8106.json b/2015/8xxx/CVE-2015-8106.json index a3a04bbb254..379276acafb 100644 --- a/2015/8xxx/CVE-2015-8106.json +++ b/2015/8xxx/CVE-2015-8106.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8106", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \\keywords command in a crafted TeX file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8106", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151116 CVE-2015-8106 - latex2rtf v2.3.8 format string vulnerability", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/11/16/3" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1282492", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1282492" - }, - { - "name" : "https://sourceforge.net/p/latex2rtf/code/1244/", - "refsource" : "CONFIRM", - "url" : "https://sourceforge.net/p/latex2rtf/code/1244/" - }, - { - "name" : "FEDORA-2016-246417376c", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181677.html" - }, - { - "name" : "FEDORA-2016-3e320f369e", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181276.html" - }, - { - "name" : "FEDORA-2016-b9368247d4", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181725.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \\keywords command in a crafted TeX file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20151116 CVE-2015-8106 - latex2rtf v2.3.8 format string vulnerability", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/11/16/3" + }, + { + "name": "FEDORA-2016-3e320f369e", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181276.html" + }, + { + "name": "https://sourceforge.net/p/latex2rtf/code/1244/", + "refsource": "CONFIRM", + "url": "https://sourceforge.net/p/latex2rtf/code/1244/" + }, + { + "name": "FEDORA-2016-246417376c", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181677.html" + }, + { + "name": "FEDORA-2016-b9368247d4", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181725.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1282492", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282492" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8566.json b/2015/8xxx/CVE-2015-8566.json index 1b66b691b75..6bf6cc144a9 100644 --- a/2015/8xxx/CVE-2015-8566.json +++ b/2015/8xxx/CVE-2015-8566.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8566", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Session package 1.x before 1.3.1 for Joomla! Framework allows remote attackers to execute arbitrary code via unspecified session values." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8566", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://developer.joomla.org/security-centre/637-20151205-session-remote-code-execution-vulnerability.html", - "refsource" : "CONFIRM", - "url" : "https://developer.joomla.org/security-centre/637-20151205-session-remote-code-execution-vulnerability.html" - }, - { - "name" : "79197", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79197" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Session package 1.x before 1.3.1 for Joomla! Framework allows remote attackers to execute arbitrary code via unspecified session values." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "79197", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79197" + }, + { + "name": "https://developer.joomla.org/security-centre/637-20151205-session-remote-code-execution-vulnerability.html", + "refsource": "CONFIRM", + "url": "https://developer.joomla.org/security-centre/637-20151205-session-remote-code-execution-vulnerability.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8763.json b/2015/8xxx/CVE-2015-8763.json index 7c93bdef583..d997df03ab2 100644 --- a/2015/8xxx/CVE-2015-8763.json +++ b/2015/8xxx/CVE-2015-8763.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8763", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8763", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160108 Re: CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/08/7" - }, - { - "name" : "http://freeradius.org/security.html#eap-pwd-2015", - "refsource" : "CONFIRM", - "url" : "http://freeradius.org/security.html#eap-pwd-2015" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://freeradius.org/security.html#eap-pwd-2015", + "refsource": "CONFIRM", + "url": "http://freeradius.org/security.html#eap-pwd-2015" + }, + { + "name": "[oss-security] 20160108 Re: CVE Request: freeradius: the EAP-PWD module performs insufficient validation on packets received from an EAP peer", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/08/7" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8990.json b/2015/8xxx/CVE-2015-8990.json index c1d2c467b73..43f318f8d29 100644 --- a/2015/8xxx/CVE-2015-8990.json +++ b/2015/8xxx/CVE-2015-8990.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@intel.com", - "ID" : "CVE-2015-8990", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Advanced Threat Defense (ATD)", - "version" : { - "version_data" : [ - { - "version_value" : "3.4.6 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Intel" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Detection bypass vulnerability in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier allows malware samples to bypass ATD detection via renaming the malware." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Detection bypass vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "secure@intel.com", + "ID": "CVE-2015-8990", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Advanced Threat Defense (ATD)", + "version": { + "version_data": [ + { + "version_value": "3.4.6 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Intel" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10127", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10127" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Detection bypass vulnerability in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier allows malware samples to bypass ATD detection via renaming the malware." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Detection bypass vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10127", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10127" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0037.json b/2016/0xxx/CVE-2016-0037.json index 773820e05ab..3d30853ab22 100644 --- a/2016/0xxx/CVE-2016-0037.json +++ b/2016/0xxx/CVE-2016-0037.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0037", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The forms-based authentication implementation in Active Directory Federation Services (ADFS) 3.0 in Microsoft Windows Server 2012 R2 allows remote attackers to cause a denial of service (daemon outage) via crafted data, aka \"Microsoft Active Directory Federation Services Denial of Service Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0037", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-020", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-020" - }, - { - "name" : "82507", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/82507" - }, - { - "name" : "1034984", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034984" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The forms-based authentication implementation in Active Directory Federation Services (ADFS) 3.0 in Microsoft Windows Server 2012 R2 allows remote attackers to cause a denial of service (daemon outage) via crafted data, aka \"Microsoft Active Directory Federation Services Denial of Service Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034984", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034984" + }, + { + "name": "82507", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/82507" + }, + { + "name": "MS16-020", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-020" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0270.json b/2016/0xxx/CVE-2016-0270.json index f846db7d599..d3562d678ef 100644 --- a/2016/0xxx/CVE-2016-0270.json +++ b/2016/0xxx/CVE-2016-0270.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0270", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1, when using TLS and AES GCM, uses random nonce generation, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a \"forbidden attack.\" NOTE: this CVE has been incorrectly used for GCM nonce reuse issues in other products; see CVE-2016-10213 for the A10 issue, CVE-2016-10212 for the Radware issue, and CVE-2017-5933 for the Citrix issue." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0270", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/nonce-disrespect/nonce-disrespect", - "refsource" : "MISC", - "url" : "https://github.com/nonce-disrespect/nonce-disrespect" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21979604", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21979604" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21979669", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21979669" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21979673", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21979673" - }, - { - "name" : "https://support.citrix.com/article/CTX220329", - "refsource" : "CONFIRM", - "url" : "https://support.citrix.com/article/CTX220329" - }, - { - "name" : "96062", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96062" - }, - { - "name" : "1037795", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037795" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1, when using TLS and AES GCM, uses random nonce generation, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a \"forbidden attack.\" NOTE: this CVE has been incorrectly used for GCM nonce reuse issues in other products; see CVE-2016-10213 for the A10 issue, CVE-2016-10212 for the Radware issue, and CVE-2017-5933 for the Citrix issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "96062", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96062" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21979604", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979604" + }, + { + "name": "https://github.com/nonce-disrespect/nonce-disrespect", + "refsource": "MISC", + "url": "https://github.com/nonce-disrespect/nonce-disrespect" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21979673", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979673" + }, + { + "name": "https://support.citrix.com/article/CTX220329", + "refsource": "CONFIRM", + "url": "https://support.citrix.com/article/CTX220329" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21979669", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979669" + }, + { + "name": "1037795", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037795" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0428.json b/2016/0xxx/CVE-2016-0428.json index 9ce03d1610b..69ed1cde16d 100644 --- a/2016/0xxx/CVE-2016-0428.json +++ b/2016/0xxx/CVE-2016-0428.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0428", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Verified Boot." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0428", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034735", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034735" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Verified Boot." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034735", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034735" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0475.json b/2016/0xxx/CVE-2016-0475.json index f527b17801b..53beb443a5c 100644 --- a/2016/0xxx/CVE-2016-0475.json +++ b/2016/0xxx/CVE-2016-0475.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0475", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0475", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10148", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10148" - }, - { - "name" : "GLSA-201610-08", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-08" - }, - { - "name" : "RHSA-2016:0049", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0049.html" - }, - { - "name" : "RHSA-2016:0050", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0050.html" - }, - { - "name" : "RHSA-2016:0055", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0055.html" - }, - { - "name" : "SUSE-SU-2016:0256", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" - }, - { - "name" : "1034715", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034715" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034715", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034715" + }, + { + "name": "GLSA-201610-08", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-08" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "RHSA-2016:0049", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10148", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10148" + }, + { + "name": "SUSE-SU-2016:0256", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" + }, + { + "name": "RHSA-2016:0055", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" + }, + { + "name": "RHSA-2016:0050", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0720.json b/2016/0xxx/CVE-2016-0720.json index f41a27d3e4d..506177b858f 100644 --- a/2016/0xxx/CVE-2016-0720.json +++ b/2016/0xxx/CVE-2016-0720.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0720", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0720", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1299614", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1299614" - }, - { - "name" : "https://github.com/ClusterLabs/pcs/commit/b9e7f061788c3b86a0c67d2d4158f067ec5eb625", - "refsource" : "CONFIRM", - "url" : "https://github.com/ClusterLabs/pcs/commit/b9e7f061788c3b86a0c67d2d4158f067ec5eb625" - }, - { - "name" : "FEDORA-2016-3b20c4ec9d", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178261.html" - }, - { - "name" : "FEDORA-2016-cdd4228cc7", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178384.html" - }, - { - "name" : "RHSA-2016:2596", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2596.html" - }, - { - "name" : "97984", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97984" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1299614", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299614" + }, + { + "name": "https://github.com/ClusterLabs/pcs/commit/b9e7f061788c3b86a0c67d2d4158f067ec5eb625", + "refsource": "CONFIRM", + "url": "https://github.com/ClusterLabs/pcs/commit/b9e7f061788c3b86a0c67d2d4158f067ec5eb625" + }, + { + "name": "FEDORA-2016-cdd4228cc7", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178384.html" + }, + { + "name": "97984", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97984" + }, + { + "name": "RHSA-2016:2596", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2596.html" + }, + { + "name": "FEDORA-2016-3b20c4ec9d", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178261.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1206.json b/2016/1xxx/CVE-2016-1206.json index bb567644434..f70cac0915d 100644 --- a/2016/1xxx/CVE-2016-1206.json +++ b/2016/1xxx/CVE-2016-1206.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1206", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The WPS implementation on I-O DATA DEVICE WN-GDN/R3, WN-GDN/R3-C, WN-GDN/R3-S, and WN-GDN/R3-U devices does not limit PIN guesses, which allows remote attackers to obtain network access via a brute-force attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1206", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.iodata.jp/support/information/2016/wn-gdnr3_bfa/", - "refsource" : "CONFIRM", - "url" : "http://www.iodata.jp/support/information/2016/wn-gdnr3_bfa/" - }, - { - "name" : "JVN#25674893", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN25674893/index.html" - }, - { - "name" : "JVNDB-2016-000061", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000061" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The WPS implementation on I-O DATA DEVICE WN-GDN/R3, WN-GDN/R3-C, WN-GDN/R3-S, and WN-GDN/R3-U devices does not limit PIN guesses, which allows remote attackers to obtain network access via a brute-force attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#25674893", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN25674893/index.html" + }, + { + "name": "JVNDB-2016-000061", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000061" + }, + { + "name": "http://www.iodata.jp/support/information/2016/wn-gdnr3_bfa/", + "refsource": "CONFIRM", + "url": "http://www.iodata.jp/support/information/2016/wn-gdnr3_bfa/" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1268.json b/2016/1xxx/CVE-2016-1268.json index a8b1fbc8959..c39a40892b3 100644 --- a/2016/1xxx/CVE-2016-1268.json +++ b/2016/1xxx/CVE-2016-1268.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1268", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The administrative web services interface in Juniper ScreenOS before 6.3.0r21 allows remote attackers to cause a denial of service (reboot) via a crafted SSL packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1268", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10732", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10732" - }, - { - "name" : "1035666", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035666" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The administrative web services interface in Juniper ScreenOS before 6.3.0r21 allows remote attackers to cause a denial of service (reboot) via a crafted SSL packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10732", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10732" + }, + { + "name": "1035666", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035666" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1447.json b/2016/1xxx/CVE-2016-1447.json index a0a7d86fdb9..271ac065945 100644 --- a/2016/1xxx/CVE-2016-1447.json +++ b/2016/1xxx/CVE-2016-1447.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1447", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the administrator interface in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuy83194." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1447", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160714 Cisco WebEx Meetings Server Administrator Interface Reflected Cross-Site Scripting Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-wms1" - }, - { - "name" : "91781", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91781" - }, - { - "name" : "1036314", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036314" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the administrator interface in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuy83194." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91781", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91781" + }, + { + "name": "1036314", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036314" + }, + { + "name": "20160714 Cisco WebEx Meetings Server Administrator Interface Reflected Cross-Site Scripting Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-wms1" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1886.json b/2016/1xxx/CVE-2016-1886.json index 6c9cc14fe01..206e9092947 100644 --- a/2016/1xxx/CVE-2016-1886.json +++ b/2016/1xxx/CVE-2016-1886.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1886", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory overwrite and kernel crash), or gain privileges via a negative value in the flen structure member in the arg argument in a SETFKEY ioctl call, which triggers a \"two way heap and stack overflow.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1886", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://cturt.github.io/SETFKEY.html", - "refsource" : "MISC", - "url" : "http://cturt.github.io/SETFKEY.html" - }, - { - "name" : "https://security.FreeBSD.org/patches/SA-16:18/atkbd.patch", - "refsource" : "CONFIRM", - "url" : "https://security.FreeBSD.org/patches/SA-16:18/atkbd.patch" - }, - { - "name" : "FreeBSD-SA-16:18", - "refsource" : "FREEBSD", - "url" : "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:18.atkbd.asc" - }, - { - "name" : "90734", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90734" - }, - { - "name" : "1035905", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035905" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory overwrite and kernel crash), or gain privileges via a negative value in the flen structure member in the arg argument in a SETFKEY ioctl call, which triggers a \"two way heap and stack overflow.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035905", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035905" + }, + { + "name": "90734", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90734" + }, + { + "name": "FreeBSD-SA-16:18", + "refsource": "FREEBSD", + "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-16:18.atkbd.asc" + }, + { + "name": "https://security.FreeBSD.org/patches/SA-16:18/atkbd.patch", + "refsource": "CONFIRM", + "url": "https://security.FreeBSD.org/patches/SA-16:18/atkbd.patch" + }, + { + "name": "http://cturt.github.io/SETFKEY.html", + "refsource": "MISC", + "url": "http://cturt.github.io/SETFKEY.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5716.json b/2016/5xxx/CVE-2016-5716.json index f04677dc818..8bfe5f26536 100644 --- a/2016/5xxx/CVE-2016-5716.json +++ b/2016/5xxx/CVE-2016-5716.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@puppet.com", - "DATE_PUBLIC" : "2016-10-20T00:00:00", - "ID" : "CVE-2016-5716", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Puppet Enterprise", - "version" : { - "version_data" : [ - { - "version_value" : "PE < 2016.4.0" - } - ] - } - } - ] - }, - "vendor_name" : "Puppet" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads that potentially allows for remote code execution on the console node." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "RCE" - } + "CVE_data_meta": { + "ASSIGNER": "security@puppet.com", + "DATE_PUBLIC": "2016-10-20T00:00:00", + "ID": "CVE-2016-5716", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Puppet Enterprise", + "version": { + "version_data": [ + { + "version_value": "PE < 2016.4.0" + } + ] + } + } + ] + }, + "vendor_name": "Puppet" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://puppet.com/security/cve/pe-console-oct-2016", - "refsource" : "CONFIRM", - "url" : "https://puppet.com/security/cve/pe-console-oct-2016" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads that potentially allows for remote code execution on the console node." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "RCE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://puppet.com/security/cve/pe-console-oct-2016", + "refsource": "CONFIRM", + "url": "https://puppet.com/security/cve/pe-console-oct-2016" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5737.json b/2016/5xxx/CVE-2016-5737.json index 7265a2a5f4c..6b2b0ec090b 100644 --- a/2016/5xxx/CVE-2016-5737.json +++ b/2016/5xxx/CVE-2016-5737.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5737", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Gerrit configuration in the Openstack Puppet module for Gerrit (aka puppet-gerrit) improperly marks text/html as a safe mimetype, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a crafted review." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5737", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160622 Re: CVE Request Openstack-infra puppet-gerrit module xss vulnerability", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/22/2" - }, - { - "name" : "https://github.com/openstack-infra/puppet-gerrit/commit/8573c2ee172f66c1667de49685c88fdc8883ca8b", - "refsource" : "CONFIRM", - "url" : "https://github.com/openstack-infra/puppet-gerrit/commit/8573c2ee172f66c1667de49685c88fdc8883ca8b" - }, - { - "name" : "91352", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91352" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Gerrit configuration in the Openstack Puppet module for Gerrit (aka puppet-gerrit) improperly marks text/html as a safe mimetype, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a crafted review." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91352", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91352" + }, + { + "name": "[oss-security] 20160622 Re: CVE Request Openstack-infra puppet-gerrit module xss vulnerability", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/22/2" + }, + { + "name": "https://github.com/openstack-infra/puppet-gerrit/commit/8573c2ee172f66c1667de49685c88fdc8883ca8b", + "refsource": "CONFIRM", + "url": "https://github.com/openstack-infra/puppet-gerrit/commit/8573c2ee172f66c1667de49685c88fdc8883ca8b" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0092.json b/2019/0xxx/CVE-2019-0092.json index 45a6d68673e..51630bc8e18 100644 --- a/2019/0xxx/CVE-2019-0092.json +++ b/2019/0xxx/CVE-2019-0092.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0092", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0092", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0377.json b/2019/0xxx/CVE-2019-0377.json index f1d051f58f8..1bd8ef98423 100644 --- a/2019/0xxx/CVE-2019-0377.json +++ b/2019/0xxx/CVE-2019-0377.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0377", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0377", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0652.json b/2019/0xxx/CVE-2019-0652.json index 8bcd9439ff2..e80d58e72bb 100644 --- a/2019/0xxx/CVE-2019-0652.json +++ b/2019/0xxx/CVE-2019-0652.json @@ -1,125 +1,125 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0652", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Edge", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 10 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 for x64-based Systems" - }, - { - "version_value" : "Windows Server 2016" - }, - { - "version_value" : "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value" : "Windows Server 2019" - }, - { - "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name" : "ChakraCore", - "version" : { - "version_data" : [ - { - "version_value" : "" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0655." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0652", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Edge", + "version": { + "version_data": [ + { + "version_value": "Windows 10 for 32-bit Systems" + }, + { + "version_value": "Windows 10 for x64-based Systems" + }, + { + "version_value": "Windows Server 2016" + }, + { + "version_value": "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "Windows Server 2019" + }, + { + "version_value": "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "ChakraCore", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652" - }, - { - "name" : "106903", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106903" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0655." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106903", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106903" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0652" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0734.json b/2019/0xxx/CVE-2019-0734.json index 9886e4f3821..6874bd0c802 100644 --- a/2019/0xxx/CVE-2019-0734.json +++ b/2019/0xxx/CVE-2019-0734.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0734", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0734", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0874.json b/2019/0xxx/CVE-2019-0874.json index 2b55b03efc4..7de1690f721 100644 --- a/2019/0xxx/CVE-2019-0874.json +++ b/2019/0xxx/CVE-2019-0874.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0874", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0874", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1059.json b/2019/1xxx/CVE-2019-1059.json index 9955d96867e..233563a7146 100644 --- a/2019/1xxx/CVE-2019-1059.json +++ b/2019/1xxx/CVE-2019-1059.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1059", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1059", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1339.json b/2019/1xxx/CVE-2019-1339.json index c6e64bfcde0..487f894ee24 100644 --- a/2019/1xxx/CVE-2019-1339.json +++ b/2019/1xxx/CVE-2019-1339.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1339", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1339", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1550.json b/2019/1xxx/CVE-2019-1550.json index c8c99bc796f..21b4f8144df 100644 --- a/2019/1xxx/CVE-2019-1550.json +++ b/2019/1xxx/CVE-2019-1550.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1550", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1550", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1997.json b/2019/1xxx/CVE-2019-1997.json index dbabd0758b2..7d2f40b46b1 100644 --- a/2019/1xxx/CVE-2019-1997.json +++ b/2019/1xxx/CVE-2019-1997.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2019-02-04T00:00:00", - "ID" : "CVE-2019-1997", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" - } - ] - } - } - ] - }, - "vendor_name" : "Android" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In random_get_bytes of random.c, there is a possible degradation of randomness due to an insecure default value. This could lead to local information disclosure via an insecure wireless connection with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-117508900." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2019-02-04T00:00:00", + "ID": "CVE-2019-1997", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + }, + "vendor_name": "Android" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2019-02-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2019-02-01" - }, - { - "name" : "106946", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106946" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In random_get_bytes of random.c, there is a possible degradation of randomness due to an insecure default value. This could lead to local information disclosure via an insecure wireless connection with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-117508900." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2019-02-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2019-02-01" + }, + { + "name": "106946", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106946" + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4234.json b/2019/4xxx/CVE-2019-4234.json index 0a29fa71214..0a01c6bf87c 100644 --- a/2019/4xxx/CVE-2019-4234.json +++ b/2019/4xxx/CVE-2019-4234.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4234", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4234", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4247.json b/2019/4xxx/CVE-2019-4247.json index 58299efca2f..bbe5b4ba87c 100644 --- a/2019/4xxx/CVE-2019-4247.json +++ b/2019/4xxx/CVE-2019-4247.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4247", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4247", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4551.json b/2019/4xxx/CVE-2019-4551.json index b9153e69592..c5dca61104a 100644 --- a/2019/4xxx/CVE-2019-4551.json +++ b/2019/4xxx/CVE-2019-4551.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4551", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4551", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4975.json b/2019/4xxx/CVE-2019-4975.json index a46e5b3181d..a990f9d75ae 100644 --- a/2019/4xxx/CVE-2019-4975.json +++ b/2019/4xxx/CVE-2019-4975.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4975", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4975", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5503.json b/2019/5xxx/CVE-2019-5503.json index 6957f465607..8667ca2c827 100644 --- a/2019/5xxx/CVE-2019-5503.json +++ b/2019/5xxx/CVE-2019-5503.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5503", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5503", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5533.json b/2019/5xxx/CVE-2019-5533.json index e8be6d3905e..d84872646b4 100644 --- a/2019/5xxx/CVE-2019-5533.json +++ b/2019/5xxx/CVE-2019-5533.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5533", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5533", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5917.json b/2019/5xxx/CVE-2019-5917.json index 5e6db333998..38e49dcedb5 100644 --- a/2019/5xxx/CVE-2019-5917.json +++ b/2019/5xxx/CVE-2019-5917.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2019-5917", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "azure-umqtt-c", - "version" : { - "version_data" : [ - { - "version_value" : "azure-umqtt-c that was available through GitHub prior to 2017 October 6." - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "azure-umqtt-c (available through GitHub prior to 2017 October 6) allows remote attackers to cause a denial of service via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial-of-service (DoS)" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2019-5917", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "azure-umqtt-c", + "version": { + "version_data": [ + { + "version_value": "azure-umqtt-c that was available through GitHub prior to 2017 October 6." + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/Azure/azure-umqtt-c", - "refsource" : "MISC", - "url" : "https://github.com/Azure/azure-umqtt-c" - }, - { - "name" : "JVN#05875753", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN05875753/index.html" - }, - { - "name" : "107149", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107149" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "azure-umqtt-c (available through GitHub prior to 2017 October 6) allows remote attackers to cause a denial of service via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial-of-service (DoS)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/Azure/azure-umqtt-c", + "refsource": "MISC", + "url": "https://github.com/Azure/azure-umqtt-c" + }, + { + "name": "107149", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107149" + }, + { + "name": "JVN#05875753", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN05875753/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8052.json b/2019/8xxx/CVE-2019-8052.json index 29549a31677..38c666e4928 100644 --- a/2019/8xxx/CVE-2019-8052.json +++ b/2019/8xxx/CVE-2019-8052.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8052", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8052", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8113.json b/2019/8xxx/CVE-2019-8113.json index d22f699002b..8fc7f4c579a 100644 --- a/2019/8xxx/CVE-2019-8113.json +++ b/2019/8xxx/CVE-2019-8113.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8113", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8113", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8577.json b/2019/8xxx/CVE-2019-8577.json index 48bab4eb5b3..6257f96f0f7 100644 --- a/2019/8xxx/CVE-2019-8577.json +++ b/2019/8xxx/CVE-2019-8577.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8577", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8577", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8744.json b/2019/8xxx/CVE-2019-8744.json index bc30f44ac42..2b38e9ff02b 100644 --- a/2019/8xxx/CVE-2019-8744.json +++ b/2019/8xxx/CVE-2019-8744.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8744", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8744", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9242.json b/2019/9xxx/CVE-2019-9242.json index 433e8bc9c50..4656da3cfb0 100644 --- a/2019/9xxx/CVE-2019-9242.json +++ b/2019/9xxx/CVE-2019-9242.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9242", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9242", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9406.json b/2019/9xxx/CVE-2019-9406.json index 21a79c55a34..7352724c42d 100644 --- a/2019/9xxx/CVE-2019-9406.json +++ b/2019/9xxx/CVE-2019-9406.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9406", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9406", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9435.json b/2019/9xxx/CVE-2019-9435.json index 4fe4e421f40..3eaf48d2822 100644 --- a/2019/9xxx/CVE-2019-9435.json +++ b/2019/9xxx/CVE-2019-9435.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9435", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9435", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9733.json b/2019/9xxx/CVE-2019-9733.json index 7384187ec78..82ba1f00922 100644 --- a/2019/9xxx/CVE-2019-9733.json +++ b/2019/9xxx/CVE-2019-9733.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9733", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9733", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file