From 112f76f9205afbcaf3f67dfc86b53262574bf94f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 22:47:51 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0673.json | 120 +++--- 1999/0xxx/CVE-1999-0911.json | 130 +++---- 1999/1xxx/CVE-1999-1452.json | 170 ++++----- 2005/2xxx/CVE-2005-2135.json | 120 +++--- 2007/1xxx/CVE-2007-1420.json | 310 ++++++++-------- 2007/1xxx/CVE-2007-1507.json | 250 ++++++------- 2007/1xxx/CVE-2007-1693.json | 150 ++++---- 2007/1xxx/CVE-2007-1720.json | 170 ++++----- 2007/1xxx/CVE-2007-1982.json | 170 ++++----- 2007/5xxx/CVE-2007-5225.json | 240 ++++++------ 2007/5xxx/CVE-2007-5342.json | 570 ++++++++++++++--------------- 2007/5xxx/CVE-2007-5896.json | 150 ++++---- 2007/5xxx/CVE-2007-5908.json | 34 +- 2009/2xxx/CVE-2009-2056.json | 130 +++---- 2015/3xxx/CVE-2015-3431.json | 130 +++---- 2015/3xxx/CVE-2015-3588.json | 34 +- 2015/3xxx/CVE-2015-3589.json | 34 +- 2015/4xxx/CVE-2015-4299.json | 140 +++---- 2015/4xxx/CVE-2015-4405.json | 34 +- 2015/4xxx/CVE-2015-4711.json | 34 +- 2015/4xxx/CVE-2015-4892.json | 130 +++---- 2015/7xxx/CVE-2015-7326.json | 170 ++++----- 2015/8xxx/CVE-2015-8171.json | 34 +- 2015/8xxx/CVE-2015-8320.json | 150 ++++---- 2015/8xxx/CVE-2015-8321.json | 34 +- 2015/9xxx/CVE-2015-9256.json | 120 +++--- 2015/9xxx/CVE-2015-9264.json | 120 +++--- 2016/1xxx/CVE-2016-1014.json | 200 +++++----- 2016/1xxx/CVE-2016-1135.json | 130 +++---- 2016/1xxx/CVE-2016-1445.json | 140 +++---- 2016/1xxx/CVE-2016-1492.json | 160 ++++---- 2016/1xxx/CVE-2016-1707.json | 210 +++++------ 2016/1xxx/CVE-2016-1722.json | 200 +++++----- 2016/5xxx/CVE-2016-5198.json | 160 ++++---- 2016/5xxx/CVE-2016-5325.json | 180 ++++----- 2016/5xxx/CVE-2016-5341.json | 150 ++++---- 2016/5xxx/CVE-2016-5540.json | 130 +++---- 2016/5xxx/CVE-2016-5552.json | 352 +++++++++--------- 2018/1999xxx/CVE-2018-1999046.json | 126 +++---- 2018/2xxx/CVE-2018-2222.json | 34 +- 2018/2xxx/CVE-2018-2327.json | 34 +- 2018/2xxx/CVE-2018-2483.json | 156 ++++---- 2018/2xxx/CVE-2018-2493.json | 34 +- 2019/0xxx/CVE-2019-0424.json | 34 +- 2019/0xxx/CVE-2019-0510.json | 34 +- 2019/0xxx/CVE-2019-0743.json | 130 +++---- 2019/1xxx/CVE-2019-1111.json | 34 +- 2019/1xxx/CVE-2019-1713.json | 34 +- 2019/1xxx/CVE-2019-1746.json | 34 +- 2019/1xxx/CVE-2019-1871.json | 34 +- 2019/4xxx/CVE-2019-4014.json | 34 +- 2019/4xxx/CVE-2019-4128.json | 34 +- 2019/4xxx/CVE-2019-4710.json | 34 +- 2019/4xxx/CVE-2019-4913.json | 34 +- 2019/5xxx/CVE-2019-5327.json | 34 +- 2019/5xxx/CVE-2019-5478.json | 34 +- 2019/5xxx/CVE-2019-5558.json | 34 +- 2019/5xxx/CVE-2019-5790.json | 34 +- 2019/9xxx/CVE-2019-9190.json | 34 +- 59 files changed, 3457 insertions(+), 3457 deletions(-) diff --git a/1999/0xxx/CVE-1999-0673.json b/1999/0xxx/CVE-1999-0673.json index 693980d6a17..ff590581cd6 100644 --- a/1999/0xxx/CVE-1999-0673.json +++ b/1999/0xxx/CVE-1999-0673.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0673", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in ALMail32 POP3 client via From: or To: headers." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0673", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "574", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/574" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in ALMail32 POP3 client via From: or To: headers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "574", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/574" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0911.json b/1999/0xxx/CVE-1999-0911.json index d33e197a3bd..27b0808d93a 100644 --- a/1999/0xxx/CVE-1999-0911.json +++ b/1999/0xxx/CVE-1999-0911.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0911", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0911", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990210", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/1999/19990210" - }, - { - "name" : "612", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/612" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "612", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/612" + }, + { + "name": "19990210", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/1999/19990210" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1452.json b/1999/1xxx/CVE-1999-1452.json index e4b1751c816..cc48c41fe0d 100644 --- a/1999/1xxx/CVE-1999-1452.json +++ b/1999/1xxx/CVE-1999-1452.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1452", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1452", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990129 ole objects in a \"secured\" environment?", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=91764169410814&w=2" - }, - { - "name" : "19990205 Alert: MS releases GINA-fix for SP3, SP4, and TS", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=91822011021558&w=2" - }, - { - "name" : "19990129 ole objects in a \"secured\" environment?", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=91788829326419&w=2" - }, - { - "name" : "Q214802", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/support/kb/articles/q214/8/02.asp" - }, - { - "name" : "198", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/198" - }, - { - "name" : "nt-gina-clipboard(1975)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1975" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19990205 Alert: MS releases GINA-fix for SP3, SP4, and TS", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=91822011021558&w=2" + }, + { + "name": "19990129 ole objects in a \"secured\" environment?", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=91788829326419&w=2" + }, + { + "name": "19990129 ole objects in a \"secured\" environment?", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=91764169410814&w=2" + }, + { + "name": "198", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/198" + }, + { + "name": "nt-gina-clipboard(1975)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1975" + }, + { + "name": "Q214802", + "refsource": "MSKB", + "url": "http://support.microsoft.com/support/kb/articles/q214/8/02.asp" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2135.json b/2005/2xxx/CVE-2005-2135.json index fa4952bca8b..2acf1550fb2 100644 --- a/2005/2xxx/CVE-2005-2135.json +++ b/2005/2xxx/CVE-2005-2135.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2135", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in verify.asp in EtoShop Dynamic Biz Website Builder (QuickWeb) 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) T1 or (2) T2 parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2135", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "15818", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15818" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in verify.asp in EtoShop Dynamic Biz Website Builder (QuickWeb) 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) T1 or (2) T2 parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "15818", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15818" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1420.json b/2007/1xxx/CVE-2007-1420.json index 5b4ac0d6bbc..00ad14f1e18 100644 --- a/2007/1xxx/CVE-2007-1420.json +++ b/2007/1xxx/CVE-2007-1420.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1420", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1420", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070309 SEC Consult SA-20070309-0 :: MySQL 5 Single Row Subselect Denial of Service", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462339/100/0/threaded" - }, - { - "name" : "http://www.sec-consult.com/284.html", - "refsource" : "MISC", - "url" : "http://www.sec-consult.com/284.html" - }, - { - "name" : "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-36.html", - "refsource" : "CONFIRM", - "url" : "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-36.html" - }, - { - "name" : "http://bugs.mysql.com/bug.php?id=24630", - "refsource" : "CONFIRM", - "url" : "http://bugs.mysql.com/bug.php?id=24630" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1127", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1127" - }, - { - "name" : "GLSA-200705-11", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200705-11.xml" - }, - { - "name" : "MDKSA-2007:139", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:139" - }, - { - "name" : "RHSA-2008:0364", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0364.html" - }, - { - "name" : "USN-440-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-440-1" - }, - { - "name" : "22900", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22900" - }, - { - "name" : "oval:org.mitre.oval:def:9530", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9530" - }, - { - "name" : "30351", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30351" - }, - { - "name" : "ADV-2007-0908", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0908" - }, - { - "name" : "1017746", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017746" - }, - { - "name" : "24483", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24483" - }, - { - "name" : "24609", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24609" - }, - { - "name" : "25196", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25196" - }, - { - "name" : "25389", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25389" - }, - { - "name" : "25946", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25946" - }, - { - "name" : "2413", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2413" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-36.html", + "refsource": "CONFIRM", + "url": "http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-36.html" + }, + { + "name": "25196", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25196" + }, + { + "name": "24609", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24609" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1127", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1127" + }, + { + "name": "25389", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25389" + }, + { + "name": "USN-440-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-440-1" + }, + { + "name": "GLSA-200705-11", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200705-11.xml" + }, + { + "name": "2413", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2413" + }, + { + "name": "25946", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25946" + }, + { + "name": "ADV-2007-0908", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0908" + }, + { + "name": "20070309 SEC Consult SA-20070309-0 :: MySQL 5 Single Row Subselect Denial of Service", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462339/100/0/threaded" + }, + { + "name": "24483", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24483" + }, + { + "name": "1017746", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017746" + }, + { + "name": "http://www.sec-consult.com/284.html", + "refsource": "MISC", + "url": "http://www.sec-consult.com/284.html" + }, + { + "name": "MDKSA-2007:139", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:139" + }, + { + "name": "30351", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30351" + }, + { + "name": "http://bugs.mysql.com/bug.php?id=24630", + "refsource": "CONFIRM", + "url": "http://bugs.mysql.com/bug.php?id=24630" + }, + { + "name": "oval:org.mitre.oval:def:9530", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9530" + }, + { + "name": "22900", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22900" + }, + { + "name": "RHSA-2008:0364", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0364.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1507.json b/2007/1xxx/CVE-2007-1507.json index 81a783921d6..2e63a67502f 100644 --- a/2007/1xxx/CVE-2007-1507.json +++ b/2007/1xxx/CVE-2007-1507.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1507", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The default configuration in OpenAFS 1.4.x before 1.4.4 and 1.5.x before 1.5.17 supports setuid programs within the local cell, which might allow attackers to gain privileges by spoofing a response to an AFS cache manager FetchStatus request, and setting setuid and root ownership for files in the cache." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1507", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[OpenAFS-announce] 20070319 OpenAFS 1.4.4 available", - "refsource" : "MLIST", - "url" : "http://www.openafs.org/pipermail/openafs-announce/2007/000185.html" - }, - { - "name" : "[OpenAFS-announce] 20070319 OpenAFS 1.5.17 release available", - "refsource" : "MLIST", - "url" : "http://www.openafs.org/pipermail/openafs-announce/2007/000186.html" - }, - { - "name" : "[OpenAFS-announce] 20070320 OpenAFS Security Advisory 2007-001: privilege escalation in Unix-based clients", - "refsource" : "MLIST", - "url" : "http://www.openafs.org/pipermail/openafs-announce/2007/000187.html" - }, - { - "name" : "DSA-1271", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1271" - }, - { - "name" : "GLSA-200704-03", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200704-03.xml" - }, - { - "name" : "MDKSA-2007:066", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:066" - }, - { - "name" : "23060", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23060" - }, - { - "name" : "ADV-2007-1033", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1033" - }, - { - "name" : "1017807", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017807" - }, - { - "name" : "24582", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24582" - }, - { - "name" : "24599", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24599" - }, - { - "name" : "24607", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24607" - }, - { - "name" : "24720", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24720" - }, - { - "name" : "openafs-setuid-privilege-escalation(33180)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33180" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The default configuration in OpenAFS 1.4.x before 1.4.4 and 1.5.x before 1.5.17 supports setuid programs within the local cell, which might allow attackers to gain privileges by spoofing a response to an AFS cache manager FetchStatus request, and setting setuid and root ownership for files in the cache." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1033", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1033" + }, + { + "name": "24582", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24582" + }, + { + "name": "1017807", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017807" + }, + { + "name": "[OpenAFS-announce] 20070319 OpenAFS 1.5.17 release available", + "refsource": "MLIST", + "url": "http://www.openafs.org/pipermail/openafs-announce/2007/000186.html" + }, + { + "name": "openafs-setuid-privilege-escalation(33180)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33180" + }, + { + "name": "DSA-1271", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1271" + }, + { + "name": "24720", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24720" + }, + { + "name": "[OpenAFS-announce] 20070319 OpenAFS 1.4.4 available", + "refsource": "MLIST", + "url": "http://www.openafs.org/pipermail/openafs-announce/2007/000185.html" + }, + { + "name": "24607", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24607" + }, + { + "name": "GLSA-200704-03", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200704-03.xml" + }, + { + "name": "[OpenAFS-announce] 20070320 OpenAFS Security Advisory 2007-001: privilege escalation in Unix-based clients", + "refsource": "MLIST", + "url": "http://www.openafs.org/pipermail/openafs-announce/2007/000187.html" + }, + { + "name": "MDKSA-2007:066", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:066" + }, + { + "name": "24599", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24599" + }, + { + "name": "23060", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23060" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1693.json b/2007/1xxx/CVE-2007-1693.json index 88a20b824e5..600fc18316d 100644 --- a/2007/1xxx/CVE-2007-1693.json +++ b/2007/1xxx/CVE-2007-1693.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1693", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SIP channel module in Yet Another Telephony Engine (Yate) before 1.2.0 sets the caller_info_uri parameter using an incorrect variable that can be NULL, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a Call-Info header without a purpose parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1693", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070501 Radware Security Advisory - Yate 1.1.0 Denial of Service Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/467289/100/200/threaded" - }, - { - "name" : "http://voip.null.ro/cgi-bin/cvsweb.cgi/yate/modules/ysipchan.cpp", - "refsource" : "CONFIRM", - "url" : "http://voip.null.ro/cgi-bin/cvsweb.cgi/yate/modules/ysipchan.cpp" - }, - { - "name" : "23746", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23746" - }, - { - "name" : "2716", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2716" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SIP channel module in Yet Another Telephony Engine (Yate) before 1.2.0 sets the caller_info_uri parameter using an incorrect variable that can be NULL, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a Call-Info header without a purpose parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://voip.null.ro/cgi-bin/cvsweb.cgi/yate/modules/ysipchan.cpp", + "refsource": "CONFIRM", + "url": "http://voip.null.ro/cgi-bin/cvsweb.cgi/yate/modules/ysipchan.cpp" + }, + { + "name": "20070501 Radware Security Advisory - Yate 1.1.0 Denial of Service Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/467289/100/200/threaded" + }, + { + "name": "2716", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2716" + }, + { + "name": "23746", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23746" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1720.json b/2007/1xxx/CVE-2007-1720.json index d5ff21d8eee..93208af8075 100644 --- a/2007/1xxx/CVE-2007-1720.json +++ b/2007/1xxx/CVE-2007-1720.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1720", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in addressbook.php in the Addressbook 1.2 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module_name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1720", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3582", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3582" - }, - { - "name" : "23156", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23156" - }, - { - "name" : "ADV-2007-1118", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1118" - }, - { - "name" : "36572", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36572" - }, - { - "name" : "24697", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24697" - }, - { - "name" : "addressbook-addressbook-file-include(33243)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33243" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in addressbook.php in the Addressbook 1.2 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module_name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1118", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1118" + }, + { + "name": "24697", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24697" + }, + { + "name": "23156", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23156" + }, + { + "name": "3582", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3582" + }, + { + "name": "36572", + "refsource": "OSVDB", + "url": "http://osvdb.org/36572" + }, + { + "name": "addressbook-addressbook-file-include(33243)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33243" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1982.json b/2007/1xxx/CVE-2007-1982.json index 0262cc3651e..adebd16cc3f 100644 --- a/2007/1xxx/CVE-2007-1982.json +++ b/2007/1xxx/CVE-2007-1982.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1982", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in Really Simple PHP and Ajax (RSPA) 2007-03-23 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) __IncludeFilePHPClass, (2) __ClassPath, and (3) __class parameters to (a) rspa/framework/Controller_v5.php, and (b) rspa/framework/Controller_v4.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1982", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3641", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3641" - }, - { - "name" : "http://www.bugtraq.ir/articles/advisory/RSPA_File_Inclusion/6", - "refsource" : "MISC", - "url" : "http://www.bugtraq.ir/articles/advisory/RSPA_File_Inclusion/6" - }, - { - "name" : "23246", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23246" - }, - { - "name" : "ADV-2007-1190", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1190" - }, - { - "name" : "24671", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24671" - }, - { - "name" : "rspa-controller-file-include(33356)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33356" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in Really Simple PHP and Ajax (RSPA) 2007-03-23 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) __IncludeFilePHPClass, (2) __ClassPath, and (3) __class parameters to (a) rspa/framework/Controller_v5.php, and (b) rspa/framework/Controller_v4.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24671", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24671" + }, + { + "name": "23246", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23246" + }, + { + "name": "rspa-controller-file-include(33356)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33356" + }, + { + "name": "ADV-2007-1190", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1190" + }, + { + "name": "http://www.bugtraq.ir/articles/advisory/RSPA_File_Inclusion/6", + "refsource": "MISC", + "url": "http://www.bugtraq.ir/articles/advisory/RSPA_File_Inclusion/6" + }, + { + "name": "3641", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3641" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5225.json b/2007/5xxx/CVE-2007-5225.json index 5657efeca6f..3de9a5b0e8e 100644 --- a/2007/5xxx/CVE-2007-5225.json +++ b/2007/5xxx/CVE-2007-5225.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5225", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5225", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071002 Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=603" - }, - { - "name" : "20071004 Re: iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/481501/100/0/threaded" - }, - { - "name" : "5227", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5227" - }, - { - "name" : "4516", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4516" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-463.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-463.htm" - }, - { - "name" : "103061", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103061-1" - }, - { - "name" : "25905", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25905" - }, - { - "name" : "ADV-2007-3339", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3339" - }, - { - "name" : "oval:org.mitre.oval:def:2170", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2170" - }, - { - "name" : "1018766", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018766" - }, - { - "name" : "27024", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27024" - }, - { - "name" : "27654", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27654" - }, - { - "name" : "solaris-namedpipes-information-disclosure(36918)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36918" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071004 Re: iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/481501/100/0/threaded" + }, + { + "name": "27654", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27654" + }, + { + "name": "5227", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5227" + }, + { + "name": "27024", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27024" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-463.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-463.htm" + }, + { + "name": "25905", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25905" + }, + { + "name": "ADV-2007-3339", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3339" + }, + { + "name": "solaris-namedpipes-information-disclosure(36918)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36918" + }, + { + "name": "4516", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4516" + }, + { + "name": "oval:org.mitre.oval:def:2170", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2170" + }, + { + "name": "103061", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103061-1" + }, + { + "name": "1018766", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018766" + }, + { + "name": "20071002 Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=603" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5342.json b/2007/5xxx/CVE-2007-5342.json index dc4e56fb8a9..b5512ca2d22 100644 --- a/2007/5xxx/CVE-2007-5342.json +++ b/2007/5xxx/CVE-2007-5342.json @@ -1,287 +1,287 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5342", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-5342", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071223 [CVE-2007-5342] Apache Tomcat's default security policy is too open", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/485481/100/0/threaded" - }, - { - "name" : "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/507985/100/0/threaded" - }, - { - "name" : "http://svn.apache.org/viewvc?view=rev&revision=606594", - "refsource" : "MISC", - "url" : "http://svn.apache.org/viewvc?view=rev&revision=606594" - }, - { - "name" : "http://tomcat.apache.org/security-5.html", - "refsource" : "CONFIRM", - "url" : "http://tomcat.apache.org/security-5.html" - }, - { - "name" : "http://tomcat.apache.org/security-6.html", - "refsource" : "CONFIRM", - "url" : "http://tomcat.apache.org/security-6.html" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2008-0010.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2008-0010.html" - }, - { - "name" : "http://support.apple.com/kb/HT3216", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3216" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" - }, - { - "name" : "APPLE-SA-2008-10-09", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html" - }, - { - "name" : "DSA-1447", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1447" - }, - { - "name" : "FEDORA-2008-1467", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html" - }, - { - "name" : "FEDORA-2008-1603", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html" - }, - { - "name" : "GLSA-200804-10", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200804-10.xml" - }, - { - "name" : "HPSBST02955", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=139344343412337&w=2" - }, - { - "name" : "MDVSA-2008:188", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:188" - }, - { - "name" : "RHSA-2008:0042", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0042.html" - }, - { - "name" : "RHSA-2008:0195", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0195.html" - }, - { - "name" : "RHSA-2008:0862", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0862.html" - }, - { - "name" : "RHSA-2008:0831", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0831.html" - }, - { - "name" : "RHSA-2008:0832", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0832.html" - }, - { - "name" : "RHSA-2008:0833", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0833.html" - }, - { - "name" : "RHSA-2008:0834", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0834.html" - }, - { - "name" : "SUSE-SR:2009:004", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" - }, - { - "name" : "27006", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27006" - }, - { - "name" : "31681", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31681" - }, - { - "name" : "oval:org.mitre.oval:def:10417", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10417" - }, - { - "name" : "37460", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37460" - }, - { - "name" : "57126", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/57126" - }, - { - "name" : "ADV-2008-0013", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0013" - }, - { - "name" : "ADV-2008-1856", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1856/references" - }, - { - "name" : "ADV-2008-2823", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2823" - }, - { - "name" : "ADV-2008-2780", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2780" - }, - { - "name" : "39833", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39833" - }, - { - "name" : "28274", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28274" - }, - { - "name" : "28317", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28317" - }, - { - "name" : "28915", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28915" - }, - { - "name" : "29313", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29313" - }, - { - "name" : "29711", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29711" - }, - { - "name" : "30676", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30676" - }, - { - "name" : "32222", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32222" - }, - { - "name" : "32120", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32120" - }, - { - "name" : "32266", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32266" - }, - { - "name" : "3485", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3485" - }, - { - "name" : "ADV-2009-3316", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3316" - }, - { - "name" : "apache-juli-logging-weak-security(39201)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39201" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and overwrite arbitrary files, as demonstrated by changing the (1) level, (2) directory, and (3) prefix attributes in the org.apache.juli.FileHandler handler." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "30676", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30676" + }, + { + "name": "RHSA-2008:0862", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0862.html" + }, + { + "name": "28915", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28915" + }, + { + "name": "ADV-2008-2823", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2823" + }, + { + "name": "oval:org.mitre.oval:def:10417", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10417" + }, + { + "name": "37460", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37460" + }, + { + "name": "29313", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29313" + }, + { + "name": "31681", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31681" + }, + { + "name": "32120", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32120" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" + }, + { + "name": "RHSA-2008:0042", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0042.html" + }, + { + "name": "28274", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28274" + }, + { + "name": "MDVSA-2008:188", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:188" + }, + { + "name": "28317", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28317" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm" + }, + { + "name": "3485", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3485" + }, + { + "name": "20071223 [CVE-2007-5342] Apache Tomcat's default security policy is too open", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/485481/100/0/threaded" + }, + { + "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded" + }, + { + "name": "SUSE-SR:2009:004", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" + }, + { + "name": "http://tomcat.apache.org/security-6.html", + "refsource": "CONFIRM", + "url": "http://tomcat.apache.org/security-6.html" + }, + { + "name": "RHSA-2008:0832", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0832.html" + }, + { + "name": "57126", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/57126" + }, + { + "name": "32222", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32222" + }, + { + "name": "RHSA-2008:0195", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0195.html" + }, + { + "name": "FEDORA-2008-1467", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00315.html" + }, + { + "name": "GLSA-200804-10", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200804-10.xml" + }, + { + "name": "apache-juli-logging-weak-security(39201)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39201" + }, + { + "name": "http://svn.apache.org/viewvc?view=rev&revision=606594", + "refsource": "MISC", + "url": "http://svn.apache.org/viewvc?view=rev&revision=606594" + }, + { + "name": "RHSA-2008:0833", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0833.html" + }, + { + "name": "FEDORA-2008-1603", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00460.html" + }, + { + "name": "ADV-2008-1856", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1856/references" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html" + }, + { + "name": "http://tomcat.apache.org/security-5.html", + "refsource": "CONFIRM", + "url": "http://tomcat.apache.org/security-5.html" + }, + { + "name": "39833", + "refsource": "OSVDB", + "url": "http://osvdb.org/39833" + }, + { + "name": "ADV-2008-0013", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0013" + }, + { + "name": "ADV-2008-2780", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2780" + }, + { + "name": "RHSA-2008:0831", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0831.html" + }, + { + "name": "27006", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27006" + }, + { + "name": "RHSA-2008:0834", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0834.html" + }, + { + "name": "DSA-1447", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1447" + }, + { + "name": "HPSBST02955", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2" + }, + { + "name": "APPLE-SA-2008-10-09", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html" + }, + { + "name": "http://support.apple.com/kb/HT3216", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3216" + }, + { + "name": "29711", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29711" + }, + { + "name": "ADV-2009-3316", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3316" + }, + { + "name": "32266", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32266" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5896.json b/2007/5xxx/CVE-2007-5896.json index 34561dd2d39..5a22459757c 100644 --- a/2007/5xxx/CVE-2007-5896.json +++ b/2007/5xxx/CVE-2007-5896.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5896", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of service (CPU consumption and crash) via an iframe with Javascript that sets the document.location to contain a leading NULL byte (\\x00) and a (1) res://, (2) about:config, or (3) file:/// URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5896", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071102 Firefox 2.0.0.9 remote DoS vulnerability", - "refsource" : "FULLDISC", - "url" : "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2007-11/msg00094.html" - }, - { - "name" : "http://www.0x000000.com/index.php?i=467&bin=111010011", - "refsource" : "MISC", - "url" : "http://www.0x000000.com/index.php?i=467&bin=111010011" - }, - { - "name" : "45296", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45296" - }, - { - "name" : "firefox-iframe-javascript-dos(38233)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38233" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of service (CPU consumption and crash) via an iframe with Javascript that sets the document.location to contain a leading NULL byte (\\x00) and a (1) res://, (2) about:config, or (3) file:/// URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "45296", + "refsource": "OSVDB", + "url": "http://osvdb.org/45296" + }, + { + "name": "http://www.0x000000.com/index.php?i=467&bin=111010011", + "refsource": "MISC", + "url": "http://www.0x000000.com/index.php?i=467&bin=111010011" + }, + { + "name": "firefox-iframe-javascript-dos(38233)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38233" + }, + { + "name": "20071102 Firefox 2.0.0.9 remote DoS vulnerability", + "refsource": "FULLDISC", + "url": "http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2007-11/msg00094.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5908.json b/2007/5xxx/CVE-2007-5908.json index 92f2538693a..b58d991ea0a 100644 --- a/2007/5xxx/CVE-2007-5908.json +++ b/2007/5xxx/CVE-2007-5908.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5908", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** Buffer overflow in the (1) sysfs_show_available_clocksources and (2) sysfs_show_current_clocksources functions in Linux kernel 2.6.23 and earlier might allow local users to cause a denial of service or execute arbitrary code via crafted clock source names. NOTE: follow-on analysis by Linux developers states that \"There is no way for unprivileged users (or really even the root user) to add new clocksources.\"" - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-5908", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** Buffer overflow in the (1) sysfs_show_available_clocksources and (2) sysfs_show_current_clocksources functions in Linux kernel 2.6.23 and earlier might allow local users to cause a denial of service or execute arbitrary code via crafted clock source names. NOTE: follow-on analysis by Linux developers states that \"There is no way for unprivileged users (or really even the root user) to add new clocksources.\"" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2056.json b/2009/2xxx/CVE-2009-2056.json index c91d7dfa4d4..532bc3e1896 100644 --- a/2009/2xxx/CVE-2009-2056.json +++ b/2009/2xxx/CVE-2009-2056.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2056", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2009-2056", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090818 Cisco IOS XR Software Border Gateway Protocol Vulnerability", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af150f.shtml" - }, - { - "name" : "1022756", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1022756" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1022756", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1022756" + }, + { + "name": "20090818 Cisco IOS XR Software Border Gateway Protocol Vulnerability", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af150f.shtml" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3431.json b/2015/3xxx/CVE-2015-3431.json index 811d82434fd..1400b2ed9df 100644 --- a/2015/3xxx/CVE-2015-3431.json +++ b/2015/3xxx/CVE-2015-3431.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3431", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Pydio (formerly AjaXplorer) before 6.0.7 allows remote attackers to execute arbitrary commands via unspecified vectors, aka \"Pydio OS Command Injection Vulnerabilities.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3431", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://pydio.com/en/community/releases/pydio-core/pydio-607-security-release", - "refsource" : "CONFIRM", - "url" : "https://pydio.com/en/community/releases/pydio-core/pydio-607-security-release" - }, - { - "name" : "74596", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74596" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Pydio (formerly AjaXplorer) before 6.0.7 allows remote attackers to execute arbitrary commands via unspecified vectors, aka \"Pydio OS Command Injection Vulnerabilities.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://pydio.com/en/community/releases/pydio-core/pydio-607-security-release", + "refsource": "CONFIRM", + "url": "https://pydio.com/en/community/releases/pydio-core/pydio-607-security-release" + }, + { + "name": "74596", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74596" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3588.json b/2015/3xxx/CVE-2015-3588.json index 878397e6651..3176b25ee23 100644 --- a/2015/3xxx/CVE-2015-3588.json +++ b/2015/3xxx/CVE-2015-3588.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3588", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3588", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3589.json b/2015/3xxx/CVE-2015-3589.json index 8003550eb57..49ea9451f6a 100644 --- a/2015/3xxx/CVE-2015-3589.json +++ b/2015/3xxx/CVE-2015-3589.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3589", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3589", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4299.json b/2015/4xxx/CVE-2015-4299.json index 3110baee5a0..8ace29af65e 100644 --- a/2015/4xxx/CVE-2015-4299.json +++ b/2015/4xxx/CVE-2015-4299.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4299", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Unified Web and E-Mail Interaction Manager 9.0(2) improperly performs authorization, which allows remote authenticated users to remove default messaging-queue system folders via unspecified vectors, aka Bug ID CSCuo89046." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-4299", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150813 Cisco Unified Interaction Manager Web Interface Security Bypass Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40429" - }, - { - "name" : "74572", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74572" - }, - { - "name" : "1033285", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033285" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Unified Web and E-Mail Interaction Manager 9.0(2) improperly performs authorization, which allows remote authenticated users to remove default messaging-queue system folders via unspecified vectors, aka Bug ID CSCuo89046." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150813 Cisco Unified Interaction Manager Web Interface Security Bypass Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40429" + }, + { + "name": "1033285", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033285" + }, + { + "name": "74572", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74572" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4405.json b/2015/4xxx/CVE-2015-4405.json index e92cbb2dd4f..9f496e798be 100644 --- a/2015/4xxx/CVE-2015-4405.json +++ b/2015/4xxx/CVE-2015-4405.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4405", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4405", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4711.json b/2015/4xxx/CVE-2015-4711.json index 67fd33f9229..23787081534 100644 --- a/2015/4xxx/CVE-2015-4711.json +++ b/2015/4xxx/CVE-2015-4711.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4711", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4711", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4892.json b/2015/4xxx/CVE-2015-4892.json index c367a4917d6..fa8318febf7 100644 --- a/2015/4xxx/CVE-2015-4892.json +++ b/2015/4xxx/CVE-2015-4892.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4892", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 allows remote authenticated users to affect integrity via unknown vectors related to Security, a different vulnerability than CVE-2015-4917." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-4892", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" - }, - { - "name" : "1033899", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033899" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 allows remote authenticated users to affect integrity via unknown vectors related to Security, a different vulnerability than CVE-2015-4917." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" + }, + { + "name": "1033899", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033899" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7326.json b/2015/7xxx/CVE-2015-7326.json index 03bd81e9773..d5ee5bb13b0 100644 --- a/2015/7xxx/CVE-2015-7326.json +++ b/2015/7xxx/CVE-2015-7326.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7326", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "XML External Entity (XXE) vulnerability in Milton Webdav before 2.7.0.3." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7326", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151102 CVE-2015-7326 (XXE vulnerability in Milton Webdav)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536813/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/134178/Milton-Webdav-2.7.0.1-XXE-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134178/Milton-Webdav-2.7.0.1-XXE-Injection.html" - }, - { - "name" : "https://github.com/miltonio/milton2/commit/5f81b0c48a817d4337d8b0e99ea0b4744ecd720b", - "refsource" : "CONFIRM", - "url" : "https://github.com/miltonio/milton2/commit/5f81b0c48a817d4337d8b0e99ea0b4744ecd720b" - }, - { - "name" : "https://github.com/miltonio/milton2/commit/b41072b", - "refsource" : "CONFIRM", - "url" : "https://github.com/miltonio/milton2/commit/b41072b" - }, - { - "name" : "https://github.com/miltonio/milton2/commit/b5851c1", - "refsource" : "CONFIRM", - "url" : "https://github.com/miltonio/milton2/commit/b5851c1" - }, - { - "name" : "77392", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77392" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "XML External Entity (XXE) vulnerability in Milton Webdav before 2.7.0.3." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/miltonio/milton2/commit/b5851c1", + "refsource": "CONFIRM", + "url": "https://github.com/miltonio/milton2/commit/b5851c1" + }, + { + "name": "https://github.com/miltonio/milton2/commit/5f81b0c48a817d4337d8b0e99ea0b4744ecd720b", + "refsource": "CONFIRM", + "url": "https://github.com/miltonio/milton2/commit/5f81b0c48a817d4337d8b0e99ea0b4744ecd720b" + }, + { + "name": "20151102 CVE-2015-7326 (XXE vulnerability in Milton Webdav)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536813/100/0/threaded" + }, + { + "name": "77392", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77392" + }, + { + "name": "http://packetstormsecurity.com/files/134178/Milton-Webdav-2.7.0.1-XXE-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134178/Milton-Webdav-2.7.0.1-XXE-Injection.html" + }, + { + "name": "https://github.com/miltonio/milton2/commit/b41072b", + "refsource": "CONFIRM", + "url": "https://github.com/miltonio/milton2/commit/b41072b" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8171.json b/2015/8xxx/CVE-2015-8171.json index 92953562c6e..3c6c59c6068 100644 --- a/2015/8xxx/CVE-2015-8171.json +++ b/2015/8xxx/CVE-2015-8171.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8171", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8171", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8320.json b/2015/8xxx/CVE-2015-8320.json index 7f3f36a7a63..1fe1eedb112 100644 --- a/2015/8xxx/CVE-2015-8320.json +++ b/2015/8xxx/CVE-2015-8320.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8320", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apache Cordova-Android before 3.7.0 improperly generates random values for BridgeSecret data, which makes it easier for attackers to conduct bridge hijacking attacks by predicting a value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-8320", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151120 Fwd: CVE-2015-5257 - Weak Randomization of BridgeSecret for Apache Cordova Android", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536945/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/134496/Apache-Cordova-Android-3.6.4-BridgeSecret-Weak-Randomization.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134496/Apache-Cordova-Android-3.6.4-BridgeSecret-Weak-Randomization.html" - }, - { - "name" : "https://cordova.apache.org/announcements/2015/11/20/security.html", - "refsource" : "CONFIRM", - "url" : "https://cordova.apache.org/announcements/2015/11/20/security.html" - }, - { - "name" : "77679", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77679" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apache Cordova-Android before 3.7.0 improperly generates random values for BridgeSecret data, which makes it easier for attackers to conduct bridge hijacking attacks by predicting a value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "77679", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77679" + }, + { + "name": "https://cordova.apache.org/announcements/2015/11/20/security.html", + "refsource": "CONFIRM", + "url": "https://cordova.apache.org/announcements/2015/11/20/security.html" + }, + { + "name": "http://packetstormsecurity.com/files/134496/Apache-Cordova-Android-3.6.4-BridgeSecret-Weak-Randomization.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134496/Apache-Cordova-Android-3.6.4-BridgeSecret-Weak-Randomization.html" + }, + { + "name": "20151120 Fwd: CVE-2015-5257 - Weak Randomization of BridgeSecret for Apache Cordova Android", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536945/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8321.json b/2015/8xxx/CVE-2015-8321.json index a736bf60278..c6e91be28c7 100644 --- a/2015/8xxx/CVE-2015-8321.json +++ b/2015/8xxx/CVE-2015-8321.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8321", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8321", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9256.json b/2015/9xxx/CVE-2015-9256.json index 3a4d7152c2b..ecc4c25dd1c 100644 --- a/2015/9xxx/CVE-2015-9256.json +++ b/2015/9xxx/CVE-2015-9256.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-9256", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information via access to device/VM restore mount points, because they do not have ACLs by default." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9256", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.information-paradox.net/2015/02/cve-2015-2081-multiple-vulnerabilities.html", - "refsource" : "MISC", - "url" : "http://www.information-paradox.net/2015/02/cve-2015-2081-multiple-vulnerabilities.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information via access to device/VM restore mount points, because they do not have ACLs by default." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.information-paradox.net/2015/02/cve-2015-2081-multiple-vulnerabilities.html", + "refsource": "MISC", + "url": "http://www.information-paradox.net/2015/02/cve-2015-2081-multiple-vulnerabilities.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9264.json b/2015/9xxx/CVE-2015-9264.json index ed89ae8eac6..3c84c390dc0 100644 --- a/2015/9xxx/CVE-2015-9264.json +++ b/2015/9xxx/CVE-2015-9264.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-9264", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Lansweeper 4.x through 6.x before 6.0.0.48 allows attackers to execute arbitrary code on the administrator's workstation via a crafted Windows service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9264", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.lansweeper.com/updates/lansweeper-6-0-0-48-security-update/", - "refsource" : "MISC", - "url" : "https://www.lansweeper.com/updates/lansweeper-6-0-0-48-security-update/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Lansweeper 4.x through 6.x before 6.0.0.48 allows attackers to execute arbitrary code on the administrator's workstation via a crafted Windows service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.lansweeper.com/updates/lansweeper-6-0-0-48-security-update/", + "refsource": "MISC", + "url": "https://www.lansweeper.com/updates/lansweeper-6-0-0-48-security-update/" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1014.json b/2016/1xxx/CVE-2016-1014.json index c63ca737885..f7306c35d14 100644 --- a/2016/1xxx/CVE-2016-1014.json +++ b/2016/1xxx/CVE-2016-1014.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1014", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1014", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160617 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/538699/100/0/threaded" - }, - { - "name" : "20160618 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Jun/39" - }, - { - "name" : "http://packetstormsecurity.com/files/137532/Adobe-Flash-Player-DLL-Hijacking.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/137532/Adobe-Flash-Player-DLL-Hijacking.html" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" - }, - { - "name" : "MS16-050", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" - }, - { - "name" : "RHSA-2016:0610", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0610.html" - }, - { - "name" : "SUSE-SU-2016:1305", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" - }, - { - "name" : "openSUSE-SU-2016:1306", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" - }, - { - "name" : "1035509", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035509" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows local users to gain privileges via a Trojan horse resource in an unspecified directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1305", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" + }, + { + "name": "http://packetstormsecurity.com/files/137532/Adobe-Flash-Player-DLL-Hijacking.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/137532/Adobe-Flash-Player-DLL-Hijacking.html" + }, + { + "name": "openSUSE-SU-2016:1306", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" + }, + { + "name": "20160618 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Jun/39" + }, + { + "name": "RHSA-2016:0610", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" + }, + { + "name": "20160617 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/538699/100/0/threaded" + }, + { + "name": "1035509", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035509" + }, + { + "name": "MS16-050", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-050" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1135.json b/2016/1xxx/CVE-2016-1135.json index 5e0af40b771..5719d6ddcdb 100644 --- a/2016/1xxx/CVE-2016-1135.json +++ b/2016/1xxx/CVE-2016-1135.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1135", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and earlier, WEX-300 devices with firmware 1.90 and earlier, WHR-1166DHP devices with firmware 1.90 and earlier, WHR-300HP2 devices with firmware 1.90 and earlier, WHR-600D devices with firmware 1.90 and earlier, WMR-300 devices with firmware 1.90 and earlier, WMR-433 devices with firmware 1.01 and earlier, and WSR-1166DHP devices with firmware 1.01 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1135", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "JVN#49225722", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN49225722/index.html" - }, - { - "name" : "JVNDB-2016-000006", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000006" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and earlier, WEX-300 devices with firmware 1.90 and earlier, WHR-1166DHP devices with firmware 1.90 and earlier, WHR-300HP2 devices with firmware 1.90 and earlier, WHR-600D devices with firmware 1.90 and earlier, WMR-300 devices with firmware 1.90 and earlier, WMR-433 devices with firmware 1.01 and earlier, and WSR-1166DHP devices with firmware 1.01 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000006", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000006" + }, + { + "name": "JVN#49225722", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN49225722/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1445.json b/2016/1xxx/CVE-2016-1445.json index 2406cecba35..df67aeb8bd8 100644 --- a/2016/1xxx/CVE-2016-1445.json +++ b/2016/1xxx/CVE-2016-1445.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1445", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Adaptive Security Appliance (ASA) Software 8.2 through 9.4.3.3 allows remote attackers to bypass intended ICMP Echo Reply ACLs via vectors related to subtypes." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1445", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160711 Cisco Adaptive Security Appliance Access Control List ICMP Echo Request Code Filtering Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160711-asa" - }, - { - "name" : "91693", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91693" - }, - { - "name" : "1036271", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036271" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Adaptive Security Appliance (ASA) Software 8.2 through 9.4.3.3 allows remote attackers to bypass intended ICMP Echo Reply ACLs via vectors related to subtypes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036271", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036271" + }, + { + "name": "20160711 Cisco Adaptive Security Appliance Access Control List ICMP Echo Request Code Filtering Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160711-asa" + }, + { + "name": "91693", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91693" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1492.json b/2016/1xxx/CVE-2016-1492.json index e885cb63718..8405370c666 100644 --- a/2016/1xxx/CVE-2016-1492.json +++ b/2016/1xxx/CVE-2016-1492.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1492", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1492", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537365/100/0/threaded" - }, - { - "name" : "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Jan/67" - }, - { - "name" : "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities", - "refsource" : "MISC", - "url" : "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities" - }, - { - "name" : "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html" - }, - { - "name" : "https://support.lenovo.com/us/en/product_security/len_4058", - "refsource" : "CONFIRM", - "url" : "https://support.lenovo.com/us/en/product_security/len_4058" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html" + }, + { + "name": "https://support.lenovo.com/us/en/product_security/len_4058", + "refsource": "CONFIRM", + "url": "https://support.lenovo.com/us/en/product_security/len_4058" + }, + { + "name": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities", + "refsource": "MISC", + "url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities" + }, + { + "name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded" + }, + { + "name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Jan/67" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1707.json b/2016/1xxx/CVE-2016-1707.json index bf536d9e998..ca7e8e4f77e 100644 --- a/2016/1xxx/CVE-2016-1707.json +++ b/2016/1xxx/CVE-2016-1707.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1707", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ios/web/web_state/ui/crw_web_controller.mm in Google Chrome before 52.0.2743.82 on iOS does not ensure that an invalid URL is replaced with the about:blank URL, which allows remote attackers to spoof the URL display via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1707", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html" - }, - { - "name" : "https://codereview.chromium.org/2086333003", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/2086333003" - }, - { - "name" : "https://crbug.com/622183", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/622183" - }, - { - "name" : "DSA-3637", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3637" - }, - { - "name" : "openSUSE-SU-2016:1865", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html" - }, - { - "name" : "openSUSE-SU-2016:1868", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html" - }, - { - "name" : "openSUSE-SU-2016:1869", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html" - }, - { - "name" : "openSUSE-SU-2016:1918", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html" - }, - { - "name" : "92053", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92053" - }, - { - "name" : "1036428", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036428" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ios/web/web_state/ui/crw_web_controller.mm in Google Chrome before 52.0.2743.82 on iOS does not ensure that an invalid URL is replaced with the about:blank URL, which allows remote attackers to spoof the URL display via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:1868", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html" + }, + { + "name": "openSUSE-SU-2016:1869", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html" + }, + { + "name": "92053", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92053" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html" + }, + { + "name": "https://codereview.chromium.org/2086333003", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/2086333003" + }, + { + "name": "openSUSE-SU-2016:1918", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html" + }, + { + "name": "https://crbug.com/622183", + "refsource": "CONFIRM", + "url": "https://crbug.com/622183" + }, + { + "name": "openSUSE-SU-2016:1865", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html" + }, + { + "name": "1036428", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036428" + }, + { + "name": "DSA-3637", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3637" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1722.json b/2016/1xxx/CVE-2016-1722.json index 3af9375f1f9..8057fc76302 100644 --- a/2016/1xxx/CVE-2016-1722.json +++ b/2016/1xxx/CVE-2016-1722.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1722", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "syslog in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1722", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205729", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205729" - }, - { - "name" : "https://support.apple.com/HT205731", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205731" - }, - { - "name" : "https://support.apple.com/HT205732", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205732" - }, - { - "name" : "https://support.apple.com/HT206168", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206168" - }, - { - "name" : "APPLE-SA-2016-01-19-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-01-19-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html" - }, - { - "name" : "APPLE-SA-2016-01-25-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html" - }, - { - "name" : "APPLE-SA-2016-03-21-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" - }, - { - "name" : "1034736", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034736" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "syslog in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT206168", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206168" + }, + { + "name": "https://support.apple.com/HT205731", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205731" + }, + { + "name": "https://support.apple.com/HT205729", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205729" + }, + { + "name": "APPLE-SA-2016-01-25-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html" + }, + { + "name": "1034736", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034736" + }, + { + "name": "APPLE-SA-2016-01-19-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html" + }, + { + "name": "APPLE-SA-2016-03-21-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" + }, + { + "name": "APPLE-SA-2016-01-19-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html" + }, + { + "name": "https://support.apple.com/HT205732", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205732" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5198.json b/2016/5xxx/CVE-2016-5198.json index b1432452a32..e151edd04cf 100644 --- a/2016/5xxx/CVE-2016-5198.json +++ b/2016/5xxx/CVE-2016-5198.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-5198", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac", - "version" : { - "version_data" : [ - { - "version_value" : "Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "incorrect compiler optimisations" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5198", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac", + "version": { + "version_data": [ + { + "version_value": "Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop.html" - }, - { - "name" : "https://crbug.com/659475", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/659475" - }, - { - "name" : "RHSA-2016:2672", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2672.html" - }, - { - "name" : "94079", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94079" - }, - { - "name" : "1037224", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037224" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "incorrect compiler optimisations" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://crbug.com/659475", + "refsource": "CONFIRM", + "url": "https://crbug.com/659475" + }, + { + "name": "94079", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94079" + }, + { + "name": "1037224", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037224" + }, + { + "name": "RHSA-2016:2672", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2672.html" + }, + { + "name": "https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5325.json b/2016/5xxx/CVE-2016-5325.json index e230ecddcd6..d432e6a92c3 100644 --- a/2016/5xxx/CVE-2016-5325.json +++ b/2016/5xxx/CVE-2016-5325.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5325", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CRLF injection vulnerability in the ServerResponse#writeHead function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the reason argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5325", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/nodejs/node/commit/c0f13e56a20f9bde5a67d873a7f9564487160762", - "refsource" : "CONFIRM", - "url" : "https://github.com/nodejs/node/commit/c0f13e56a20f9bde5a67d873a7f9564487160762" - }, - { - "name" : "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/", - "refsource" : "CONFIRM", - "url" : "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/" - }, - { - "name" : "GLSA-201612-43", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-43" - }, - { - "name" : "RHSA-2016:2101", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:2101" - }, - { - "name" : "RHSA-2017:0002", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0002.html" - }, - { - "name" : "SUSE-SU-2016:2470", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html" - }, - { - "name" : "93483", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93483" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CRLF injection vulnerability in the ServerResponse#writeHead function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the reason argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/nodejs/node/commit/c0f13e56a20f9bde5a67d873a7f9564487160762", + "refsource": "CONFIRM", + "url": "https://github.com/nodejs/node/commit/c0f13e56a20f9bde5a67d873a7f9564487160762" + }, + { + "name": "RHSA-2016:2101", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:2101" + }, + { + "name": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/", + "refsource": "CONFIRM", + "url": "https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/" + }, + { + "name": "93483", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93483" + }, + { + "name": "GLSA-201612-43", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-43" + }, + { + "name": "RHSA-2017:0002", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0002.html" + }, + { + "name": "SUSE-SU-2016:2470", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5341.json b/2016/5xxx/CVE-2016-5341.json index 3a8e0358b5e..1f3a95cc7f7 100644 --- a/2016/5xxx/CVE-2016-5341.json +++ b/2016/5xxx/CVE-2016-5341.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5341", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The GPS component in Android before 2016-12-05 allows man-in-the-middle attackers to cause a denial of service (GPS signal-acquisition delay) via an incorrect xtra.bin or xtra2.bin file on a spoofed Qualcomm gpsonextra.net or izatcloud.net host, aka internal bug 31470303 and external bug 211602 (and AndroidID-7225554)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5341", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://wwws.nightwatchcybersecurity.com/2016/12/05/cve-2016-5341/", - "refsource" : "MISC", - "url" : "https://wwws.nightwatchcybersecurity.com/2016/12/05/cve-2016-5341/" - }, - { - "name" : "http://source.android.com/security/bulletin/2016-12-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-12-01.html" - }, - { - "name" : "https://source.android.com/security/bulletin/pixel/2017-12-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/pixel/2017-12-01" - }, - { - "name" : "94689", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94689" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The GPS component in Android before 2016-12-05 allows man-in-the-middle attackers to cause a denial of service (GPS signal-acquisition delay) via an incorrect xtra.bin or xtra2.bin file on a spoofed Qualcomm gpsonextra.net or izatcloud.net host, aka internal bug 31470303 and external bug 211602 (and AndroidID-7225554)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wwws.nightwatchcybersecurity.com/2016/12/05/cve-2016-5341/", + "refsource": "MISC", + "url": "https://wwws.nightwatchcybersecurity.com/2016/12/05/cve-2016-5341/" + }, + { + "name": "https://source.android.com/security/bulletin/pixel/2017-12-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/pixel/2017-12-01" + }, + { + "name": "94689", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94689" + }, + { + "name": "http://source.android.com/security/bulletin/2016-12-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-12-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5540.json b/2016/5xxx/CVE-2016-5540.json index f8638f9b69e..f4b28aea179 100644 --- a/2016/5xxx/CVE-2016-5540.json +++ b/2016/5xxx/CVE-2016-5540.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5540", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Retail Xstore Payment component in Oracle Retail Applications 1.x allows local users to affect confidentiality and integrity via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5540", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93657", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93657" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Retail Xstore Payment component in Oracle Retail Applications 1.x allows local users to affect confidentiality and integrity via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "93657", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93657" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5552.json b/2016/5xxx/CVE-2016-5552.json index 3b4655db5b7..8a1f76c8dc0 100644 --- a/2016/5xxx/CVE-2016-5552.json +++ b/2016/5xxx/CVE-2016-5552.json @@ -1,178 +1,178 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2016-5552", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Java SE", - "version" : { - "version_data" : [ - { - "version_value" : "6u131" - }, - { - "version_value" : "7u121" - }, - { - "version_value" : "8u112" - } - ] - } - }, - { - "product_name" : "Java SE Embedded", - "version" : { - "version_data" : [ - { - "version_value" : "8u111" - } - ] - } - }, - { - "product_name" : "JRockit", - "version" : { - "version_data" : [ - { - "version_value" : "R28.3.12" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Integrity impacts)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5552", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Java SE", + "version": { + "version_data": [ + { + "version_value": "6u131" + }, + { + "version_value": "7u121" + }, + { + "version_value": "8u112" + } + ] + } + }, + { + "product_name": "Java SE Embedded", + "version": { + "version_data": [ + { + "version_value": "8u111" + } + ] + } + }, + { + "product_name": "JRockit", + "version": { + "version_data": [ + { + "version_value": "R28.3.12" + } + ] + } + } + ] + }, + "vendor_name": "Oracle" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html" - }, - { - "name" : "https://source.android.com/security/bulletin/2017-02-01.html", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-02-01.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20170119-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20170119-0001/" - }, - { - "name" : "DSA-3782", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3782" - }, - { - "name" : "GLSA-201701-65", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-65" - }, - { - "name" : "GLSA-201707-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201707-01" - }, - { - "name" : "RHSA-2017:0175", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0175.html" - }, - { - "name" : "RHSA-2017:0176", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0176.html" - }, - { - "name" : "RHSA-2017:0177", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0177.html" - }, - { - "name" : "RHSA-2017:0180", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0180.html" - }, - { - "name" : "RHSA-2017:0263", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0263.html" - }, - { - "name" : "RHSA-2017:0269", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0269.html" - }, - { - "name" : "RHSA-2017:0336", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0336.html" - }, - { - "name" : "RHSA-2017:0337", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0337.html" - }, - { - "name" : "RHSA-2017:0338", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0338.html" - }, - { - "name" : "RHSA-2017:1216", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1216" - }, - { - "name" : "95512", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95512" - }, - { - "name" : "1037637", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037637" - }, - { - "name" : "1037798", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037798" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Integrity impacts)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2017:0338", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html" + }, + { + "name": "DSA-3782", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3782" + }, + { + "name": "RHSA-2017:0176", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html" + }, + { + "name": "1037798", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037798" + }, + { + "name": "GLSA-201701-65", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-65" + }, + { + "name": "RHSA-2017:0180", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html" + }, + { + "name": "95512", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95512" + }, + { + "name": "1037637", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037637" + }, + { + "name": "GLSA-201707-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201707-01" + }, + { + "name": "RHSA-2017:0175", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html" + }, + { + "name": "RHSA-2017:0177", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html" + }, + { + "name": "RHSA-2017:0263", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html" + }, + { + "name": "RHSA-2017:1216", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1216" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20170119-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20170119-0001/" + }, + { + "name": "RHSA-2017:0269", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html" + }, + { + "name": "RHSA-2017:0337", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html" + }, + { + "name": "RHSA-2017:0336", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html" + }, + { + "name": "https://source.android.com/security/bulletin/2017-02-01.html", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-02-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/1999xxx/CVE-2018-1999046.json b/2018/1999xxx/CVE-2018-1999046.json index dc50ede5153..1970298a336 100644 --- a/2018/1999xxx/CVE-2018-1999046.json +++ b/2018/1999xxx/CVE-2018-1999046.json @@ -1,65 +1,65 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "kurt@seifried.org", - "DATE_ASSIGNED" : "2018-08-18T21:50:59.837778", - "DATE_REQUESTED" : "2018-08-15T00:00:00", - "ID" : "CVE-2018-1999046", - "REQUESTER" : "ml@beckweb.net", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Jenkins", - "version" : { - "version_data" : [ - { - "version_value" : "2.137 and earlier, 2.121.2 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Jenkins project" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A exposure of sensitive information vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in Computer.java that allows attackers With Overall/Read permission to access the connection log for any agent." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-285, CWE-200" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_ASSIGNED": "2018-08-18T21:50:59.837778", + "DATE_REQUESTED": "2018-08-15T00:00:00", + "ID": "CVE-2018-1999046", + "REQUESTER": "ml@beckweb.net", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://jenkins.io/security/advisory/2018-08-15/#SECURITY-1071", - "refsource" : "CONFIRM", - "url" : "https://jenkins.io/security/advisory/2018-08-15/#SECURITY-1071" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A exposure of sensitive information vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in Computer.java that allows attackers With Overall/Read permission to access the connection log for any agent." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://jenkins.io/security/advisory/2018-08-15/#SECURITY-1071", + "refsource": "CONFIRM", + "url": "https://jenkins.io/security/advisory/2018-08-15/#SECURITY-1071" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2222.json b/2018/2xxx/CVE-2018-2222.json index 9b9a06c6e5d..d37f465e613 100644 --- a/2018/2xxx/CVE-2018-2222.json +++ b/2018/2xxx/CVE-2018-2222.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2222", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2222", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2327.json b/2018/2xxx/CVE-2018-2327.json index f4c792f4da9..a1cf15b968b 100644 --- a/2018/2xxx/CVE-2018-2327.json +++ b/2018/2xxx/CVE-2018-2327.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2327", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2327", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2483.json b/2018/2xxx/CVE-2018-2483.json index b00686bfc32..e79a85b148a 100644 --- a/2018/2xxx/CVE-2018-2483.json +++ b/2018/2xxx/CVE-2018-2483.json @@ -1,80 +1,80 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2018-2483", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP BusinessObjects Business Intelligence Platform", - "version" : { - "version_data" : [ - { - "version_name" : "=", - "version_value" : "4.1" - }, - { - "version_name" : "=", - "version_value" : "4.2" - } - ] - } - } - ] - }, - "vendor_name" : "SAP" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HTTP Verb Tampering is possible in SAP BusinessObjects Business Intelligence Platform, versions 4.1 and 4.2, Central Management Console (CMC) by changing request method." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Other" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2018-2483", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP BusinessObjects Business Intelligence Platform", + "version": { + "version_data": [ + { + "version_name": "=", + "version_value": "4.1" + }, + { + "version_name": "=", + "version_value": "4.2" + } + ] + } + } + ] + }, + "vendor_name": "SAP" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://launchpad.support.sap.com/#/notes/2647714", - "refsource" : "MISC", - "url" : "https://launchpad.support.sap.com/#/notes/2647714" - }, - { - "name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832", - "refsource" : "MISC", - "url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832" - }, - { - "name" : "105899", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105899" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HTTP Verb Tampering is possible in SAP BusinessObjects Business Intelligence Platform, versions 4.1 and 4.2, Central Management Console (CMC) by changing request method." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Other" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "105899", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105899" + }, + { + "name": "https://launchpad.support.sap.com/#/notes/2647714", + "refsource": "MISC", + "url": "https://launchpad.support.sap.com/#/notes/2647714" + }, + { + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832", + "refsource": "MISC", + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2493.json b/2018/2xxx/CVE-2018-2493.json index 39d155b9680..efd694e200b 100644 --- a/2018/2xxx/CVE-2018-2493.json +++ b/2018/2xxx/CVE-2018-2493.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2493", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-2493", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0424.json b/2019/0xxx/CVE-2019-0424.json index 0bdad34c523..d94e2351e5e 100644 --- a/2019/0xxx/CVE-2019-0424.json +++ b/2019/0xxx/CVE-2019-0424.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0424", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0424", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0510.json b/2019/0xxx/CVE-2019-0510.json index 7dae1071e57..c33e01ddf0d 100644 --- a/2019/0xxx/CVE-2019-0510.json +++ b/2019/0xxx/CVE-2019-0510.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0510", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0510", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0743.json b/2019/0xxx/CVE-2019-0743.json index a7816aab897..1026dc4efbb 100644 --- a/2019/0xxx/CVE-2019-0743.json +++ b/2019/0xxx/CVE-2019-0743.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0743", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Team Foundation Server 2018", - "version" : { - "version_data" : [ - { - "version_value" : "Update 3.2" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0742." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Spoofing" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0743", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Team Foundation Server 2018", + "version": { + "version_data": [ + { + "version_value": "Update 3.2" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0743", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0743" - }, - { - "name" : "106970", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106970" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0742." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0743", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0743" + }, + { + "name": "106970", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106970" + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1111.json b/2019/1xxx/CVE-2019-1111.json index 1c8e2963000..bc49e377f8f 100644 --- a/2019/1xxx/CVE-2019-1111.json +++ b/2019/1xxx/CVE-2019-1111.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1111", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1111", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1713.json b/2019/1xxx/CVE-2019-1713.json index 4ae427db6d2..0fc143895ab 100644 --- a/2019/1xxx/CVE-2019-1713.json +++ b/2019/1xxx/CVE-2019-1713.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1713", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1713", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1746.json b/2019/1xxx/CVE-2019-1746.json index 374e0dd1d4a..c5cf802ae33 100644 --- a/2019/1xxx/CVE-2019-1746.json +++ b/2019/1xxx/CVE-2019-1746.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1746", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1746", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1871.json b/2019/1xxx/CVE-2019-1871.json index a89ea3c168d..209c3264b46 100644 --- a/2019/1xxx/CVE-2019-1871.json +++ b/2019/1xxx/CVE-2019-1871.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1871", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1871", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4014.json b/2019/4xxx/CVE-2019-4014.json index 7445b550d1a..ccf9730bc70 100644 --- a/2019/4xxx/CVE-2019-4014.json +++ b/2019/4xxx/CVE-2019-4014.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4014", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4014", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4128.json b/2019/4xxx/CVE-2019-4128.json index 2428839ba40..b97734b9215 100644 --- a/2019/4xxx/CVE-2019-4128.json +++ b/2019/4xxx/CVE-2019-4128.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4128", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4128", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4710.json b/2019/4xxx/CVE-2019-4710.json index 208f39139e1..725833a1b9f 100644 --- a/2019/4xxx/CVE-2019-4710.json +++ b/2019/4xxx/CVE-2019-4710.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4710", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4710", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4913.json b/2019/4xxx/CVE-2019-4913.json index a4651a92914..15a2a8e8e78 100644 --- a/2019/4xxx/CVE-2019-4913.json +++ b/2019/4xxx/CVE-2019-4913.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4913", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4913", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5327.json b/2019/5xxx/CVE-2019-5327.json index dc22b723d80..df4330d69c6 100644 --- a/2019/5xxx/CVE-2019-5327.json +++ b/2019/5xxx/CVE-2019-5327.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5327", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5327", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5478.json b/2019/5xxx/CVE-2019-5478.json index 153f950da8f..c9fa22b1ccc 100644 --- a/2019/5xxx/CVE-2019-5478.json +++ b/2019/5xxx/CVE-2019-5478.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5478", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5478", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5558.json b/2019/5xxx/CVE-2019-5558.json index cac57dcc9ff..72b796c2e00 100644 --- a/2019/5xxx/CVE-2019-5558.json +++ b/2019/5xxx/CVE-2019-5558.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5558", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5558", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5790.json b/2019/5xxx/CVE-2019-5790.json index ef527bb9c5b..78ea5fd09d3 100644 --- a/2019/5xxx/CVE-2019-5790.json +++ b/2019/5xxx/CVE-2019-5790.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5790", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5790", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9190.json b/2019/9xxx/CVE-2019-9190.json index 7931e53d232..2b654b8f30f 100644 --- a/2019/9xxx/CVE-2019-9190.json +++ b/2019/9xxx/CVE-2019-9190.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9190", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9190", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file