diff --git a/2006/5xxx/CVE-2006-5034.json b/2006/5xxx/CVE-2006-5034.json index 360bfe594bb..2d0929c8be4 100644 --- a/2006/5xxx/CVE-2006-5034.json +++ b/2006/5xxx/CVE-2006-5034.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5034", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in Paul Smith Computer Services vCAP 1.9.0 Beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5034", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060911 vCAP calendar server Multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-09/0187.html" - }, - { - "name" : "http://www.morx.org/vcap.txt", - "refsource" : "MISC", - "url" : "http://www.morx.org/vcap.txt" - }, - { - "name" : "19958", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19958" - }, - { - "name" : "ADV-2006-3569", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3569" - }, - { - "name" : "28808", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/28808" - }, - { - "name" : "1016822", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016822" - }, - { - "name" : "21862", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21862" - }, - { - "name" : "vcap-request-directory-traversal(28873)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28873" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in Paul Smith Computer Services vCAP 1.9.0 Beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "vcap-request-directory-traversal(28873)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28873" + }, + { + "name": "http://www.morx.org/vcap.txt", + "refsource": "MISC", + "url": "http://www.morx.org/vcap.txt" + }, + { + "name": "21862", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21862" + }, + { + "name": "ADV-2006-3569", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3569" + }, + { + "name": "20060911 vCAP calendar server Multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-09/0187.html" + }, + { + "name": "28808", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/28808" + }, + { + "name": "1016822", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016822" + }, + { + "name": "19958", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19958" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5622.json b/2006/5xxx/CVE-2006-5622.json index 08709e51bd5..e2900c20a74 100644 --- a/2006/5xxx/CVE-2006-5622.json +++ b/2006/5xxx/CVE-2006-5622.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5622", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in picmgr.php in Coppermine Photo Gallery 1.4.9 allows remote attackers to execute arbitrary SQL commands via the aid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5622", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2660", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2660" - }, - { - "name" : "http://coppermine-gallery.net/forum/index.php?topic=37895.0", - "refsource" : "CONFIRM", - "url" : "http://coppermine-gallery.net/forum/index.php?topic=37895.0" - }, - { - "name" : "20774", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20774" - }, - { - "name" : "ADV-2006-4226", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4226" - }, - { - "name" : "22625", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22625" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in picmgr.php in Coppermine Photo Gallery 1.4.9 allows remote attackers to execute arbitrary SQL commands via the aid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://coppermine-gallery.net/forum/index.php?topic=37895.0", + "refsource": "CONFIRM", + "url": "http://coppermine-gallery.net/forum/index.php?topic=37895.0" + }, + { + "name": "ADV-2006-4226", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4226" + }, + { + "name": "20774", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20774" + }, + { + "name": "2660", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2660" + }, + { + "name": "22625", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22625" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5984.json b/2006/5xxx/CVE-2006-5984.json index 2f8124df0a4..985a231aef8 100644 --- a/2006/5xxx/CVE-2006-5984.json +++ b/2006/5xxx/CVE-2006-5984.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5984", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Helm Web Hosting Control Panel 3.2.10 allow remote authenticated users to inject arbitrary web script or HTML via the (1) txtCompanyName, (2) txtEmail, or (3) txtUserAccNum parameter to (a) users.asp, or the (4) setThemeColour parameter to (b) default.asp in the Reseller and Admin levels; or the (5) setThemeColour parameter to default.asp in the User level. NOTE: the txtDomainName parameter to domains.asp is covered by CVE-2006-1407, which suggests that this vector is fixed in 3.2.10 stable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5984", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061114 Helm Cross-Site Scripting (XSS)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/451737/100/0/threaded" - }, - { - "name" : "20061116 Helm Cross Site Scripting", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/451848/100/200/threaded" - }, - { - "name" : "http://aria-security.net/advisory/helm.txt", - "refsource" : "MISC", - "url" : "http://aria-security.net/advisory/helm.txt" - }, - { - "name" : "ADV-2006-4557", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4557" - }, - { - "name" : "1017240", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017240" - }, - { - "name" : "22916", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22916" - }, - { - "name" : "1884", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1884" - }, - { - "name" : "helm-domainsusersdefaault-xss(30309)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30309" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Helm Web Hosting Control Panel 3.2.10 allow remote authenticated users to inject arbitrary web script or HTML via the (1) txtCompanyName, (2) txtEmail, or (3) txtUserAccNum parameter to (a) users.asp, or the (4) setThemeColour parameter to (b) default.asp in the Reseller and Admin levels; or the (5) setThemeColour parameter to default.asp in the User level. NOTE: the txtDomainName parameter to domains.asp is covered by CVE-2006-1407, which suggests that this vector is fixed in 3.2.10 stable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20061114 Helm Cross-Site Scripting (XSS)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/451737/100/0/threaded" + }, + { + "name": "http://aria-security.net/advisory/helm.txt", + "refsource": "MISC", + "url": "http://aria-security.net/advisory/helm.txt" + }, + { + "name": "ADV-2006-4557", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4557" + }, + { + "name": "22916", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22916" + }, + { + "name": "1884", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1884" + }, + { + "name": "1017240", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017240" + }, + { + "name": "helm-domainsusersdefaault-xss(30309)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30309" + }, + { + "name": "20061116 Helm Cross Site Scripting", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/451848/100/200/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2065.json b/2007/2xxx/CVE-2007-2065.json index d831c90727a..84c2a05adc1 100644 --- a/2007/2xxx/CVE-2007-2065.json +++ b/2007/2xxx/CVE-2007-2065.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2065", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in db/PollDB.php in Robert Ladstaetter ActionPoll 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG_DATAREADERWRITER parameter, a different vector than CVE-2001-1297. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2065", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20788", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20788" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in db/PollDB.php in Robert Ladstaetter ActionPoll 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG_DATAREADERWRITER parameter, a different vector than CVE-2001-1297. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20788", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20788" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2335.json b/2007/2xxx/CVE-2007-2335.json index 28bb7232824..85dbd0ee721 100644 --- a/2007/2xxx/CVE-2007-2335.json +++ b/2007/2xxx/CVE-2007-2335.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2335", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the RSS feed reader functionality in Lunascape 4.1.3 build2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2335", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://lunapedia.lunascape.jp/index.php?title=Lunascape_4#2007.2F04.2F25_ver_4.2.0", - "refsource" : "CONFIRM", - "url" : "http://lunapedia.lunascape.jp/index.php?title=Lunascape_4#2007.2F04.2F25_ver_4.2.0" - }, - { - "name" : "JVN#36628264", - "refsource" : "JVN", - "url" : "http://jvn.jp/jp/JVN%2336628264/index.html" - }, - { - "name" : "23665", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23665" - }, - { - "name" : "ADV-2007-1538", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1538" - }, - { - "name" : "35364", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35364" - }, - { - "name" : "25000", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25000" - }, - { - "name" : "lunascape-rssfeed-xss(34074)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34074" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the RSS feed reader functionality in Lunascape 4.1.3 build2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35364", + "refsource": "OSVDB", + "url": "http://osvdb.org/35364" + }, + { + "name": "ADV-2007-1538", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1538" + }, + { + "name": "23665", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23665" + }, + { + "name": "JVN#36628264", + "refsource": "JVN", + "url": "http://jvn.jp/jp/JVN%2336628264/index.html" + }, + { + "name": "lunascape-rssfeed-xss(34074)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34074" + }, + { + "name": "http://lunapedia.lunascape.jp/index.php?title=Lunascape_4#2007.2F04.2F25_ver_4.2.0", + "refsource": "CONFIRM", + "url": "http://lunapedia.lunascape.jp/index.php?title=Lunascape_4#2007.2F04.2F25_ver_4.2.0" + }, + { + "name": "25000", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25000" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2338.json b/2007/2xxx/CVE-2007-2338.json index 6e3ead615cf..95d2be2f0f1 100644 --- a/2007/2xxx/CVE-2007-2338.json +++ b/2007/2xxx/CVE-2007-2338.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2338", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in include/admin/banlist.php in Phorum before 5.1.22 allows remote attackers to perform unauthorized banlist deletions as an administrator via the delete parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2338", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070419 [waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/466286/100/0/threaded" - }, - { - "name" : "http://www.waraxe.us/advisory-49.html", - "refsource" : "MISC", - "url" : "http://www.waraxe.us/advisory-49.html" - }, - { - "name" : "http://www.phorum.org/story.php?76", - "refsource" : "CONFIRM", - "url" : "http://www.phorum.org/story.php?76" - }, - { - "name" : "23616", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23616" - }, - { - "name" : "ADV-2007-1479", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1479" - }, - { - "name" : "35061", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35061" - }, - { - "name" : "1017936", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017936" - }, - { - "name" : "24932", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24932" - }, - { - "name" : "2617", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2617" - }, - { - "name" : "phorum-banlist-csrf(34078)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34078" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in include/admin/banlist.php in Phorum before 5.1.22 allows remote attackers to perform unauthorized banlist deletions as an administrator via the delete parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.waraxe.us/advisory-49.html", + "refsource": "MISC", + "url": "http://www.waraxe.us/advisory-49.html" + }, + { + "name": "http://www.phorum.org/story.php?76", + "refsource": "CONFIRM", + "url": "http://www.phorum.org/story.php?76" + }, + { + "name": "1017936", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017936" + }, + { + "name": "phorum-banlist-csrf(34078)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34078" + }, + { + "name": "ADV-2007-1479", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1479" + }, + { + "name": "24932", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24932" + }, + { + "name": "20070419 [waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/466286/100/0/threaded" + }, + { + "name": "2617", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2617" + }, + { + "name": "23616", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23616" + }, + { + "name": "35061", + "refsource": "OSVDB", + "url": "http://osvdb.org/35061" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2536.json b/2007/2xxx/CVE-2007-2536.json index a1e91750941..211b56d9884 100644 --- a/2007/2xxx/CVE-2007-2536.json +++ b/2007/2xxx/CVE-2007-2536.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2536", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PicoZip allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2536", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070504 Multiple vendors ZOO file decompression infinite loop DoS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/467646/100/0/threaded" - }, - { - "name" : "23823", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23823" - }, - { - "name" : "41751", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41751" - }, - { - "name" : "2680", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2680" - }, - { - "name" : "multiple-vendor-zoo-dos(34080)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PicoZip allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "multiple-vendor-zoo-dos(34080)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080" + }, + { + "name": "41751", + "refsource": "OSVDB", + "url": "http://osvdb.org/41751" + }, + { + "name": "23823", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23823" + }, + { + "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded" + }, + { + "name": "2680", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2680" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2603.json b/2007/2xxx/CVE-2007-2603.json index fe122b1d45a..2ad407a4226 100644 --- a/2007/2xxx/CVE-2007-2603.json +++ b/2007/2xxx/CVE-2007-2603.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2603", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Init function in the Audio CD Ripper OCX (AudioCDRipperOCX.ocx) 1.0 ActiveX control allows remote attackers to cause a denial of service (NULL dereference and Internet Explorer crash) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2603", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070509 Multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/468070/100/0/threaded" - }, - { - "name" : "23900", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23900" - }, - { - "name" : "36216", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36216" - }, - { - "name" : "2708", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2708" - }, - { - "name" : "audio-audiocdripperocx-dos(34206)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34206" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Init function in the Audio CD Ripper OCX (AudioCDRipperOCX.ocx) 1.0 ActiveX control allows remote attackers to cause a denial of service (NULL dereference and Internet Explorer crash) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070509 Multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/468070/100/0/threaded" + }, + { + "name": "audio-audiocdripperocx-dos(34206)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34206" + }, + { + "name": "2708", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2708" + }, + { + "name": "23900", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23900" + }, + { + "name": "36216", + "refsource": "OSVDB", + "url": "http://osvdb.org/36216" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3101.json b/2007/3xxx/CVE-2007-3101.json index 748ffd9b250..2a1179fa988 100644 --- a/2007/3xxx/CVE-2007-3101.json +++ b/2007/3xxx/CVE-2007-3101.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3101", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in certain JSF applications in Apache MyFaces Tomahawk before 1.1.6 allow remote attackers to inject arbitrary web script via the autoscroll parameter, which is injected into Javascript that is sent to the client." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-3101", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070614 Apache MyFaces Tomahawk JSF Framework Cross-Site Scripting (XSS) Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=544" - }, - { - "name" : "http://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12312536&styleName=Text&projectId=12310272", - "refsource" : "CONFIRM", - "url" : "http://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12312536&styleName=Text&projectId=12310272" - }, - { - "name" : "24480", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24480" - }, - { - "name" : "36377", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36377" - }, - { - "name" : "ADV-2007-2212", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2212" - }, - { - "name" : "25618", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25618" - }, - { - "name" : "myfaces-autoscroll-xss(34872)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34872" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in certain JSF applications in Apache MyFaces Tomahawk before 1.1.6 allow remote attackers to inject arbitrary web script via the autoscroll parameter, which is injected into Javascript that is sent to the client." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25618", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25618" + }, + { + "name": "myfaces-autoscroll-xss(34872)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34872" + }, + { + "name": "20070614 Apache MyFaces Tomahawk JSF Framework Cross-Site Scripting (XSS) Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=544" + }, + { + "name": "36377", + "refsource": "OSVDB", + "url": "http://osvdb.org/36377" + }, + { + "name": "24480", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24480" + }, + { + "name": "http://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12312536&styleName=Text&projectId=12310272", + "refsource": "CONFIRM", + "url": "http://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12312536&styleName=Text&projectId=12310272" + }, + { + "name": "ADV-2007-2212", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2212" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3998.json b/2007/3xxx/CVE-2007-3998.json index 1c31b167a3d..05f4f2c7813 100644 --- a/2007/3xxx/CVE-2007-3998.json +++ b/2007/3xxx/CVE-2007-3998.json @@ -1,232 +1,232 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3998", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certain arguments, as demonstrated by a 'chr(0), 0, \"\"' argument set." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3998", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://secweb.se/en/advisories/php-wordwrap-vulnerability/", - "refsource" : "MISC", - "url" : "http://secweb.se/en/advisories/php-wordwrap-vulnerability/" - }, - { - "name" : "http://www.php.net/ChangeLog-5.php#5.2.4", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-5.php#5.2.4" - }, - { - "name" : "http://www.php.net/releases/5_2_4.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/5_2_4.php" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1702", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1702" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1693", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1693" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm" - }, - { - "name" : "https://launchpad.net/bugs/173043", - "refsource" : "CONFIRM", - "url" : "https://launchpad.net/bugs/173043" - }, - { - "name" : "DSA-1444", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1444" - }, - { - "name" : "DSA-1578", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1578" - }, - { - "name" : "FEDORA-2007-709", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html" - }, - { - "name" : "GLSA-200710-02", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" - }, - { - "name" : "MDKSA-2007:187", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187" - }, - { - "name" : "RHSA-2007:0890", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0890.html" - }, - { - "name" : "RHSA-2007:0889", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0889.html" - }, - { - "name" : "RHSA-2007:0891", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0891.html" - }, - { - "name" : "SUSE-SA:2008:004", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html" - }, - { - "name" : "2007-0026", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0026/" - }, - { - "name" : "USN-549-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/549-1/" - }, - { - "name" : "USN-549-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-549-2" - }, - { - "name" : "oval:org.mitre.oval:def:10603", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10603" - }, - { - "name" : "ADV-2007-3023", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3023" - }, - { - "name" : "26642", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26642" - }, - { - "name" : "26822", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26822" - }, - { - "name" : "26838", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26838" - }, - { - "name" : "26930", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26930" - }, - { - "name" : "26871", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26871" - }, - { - "name" : "26895", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26895" - }, - { - "name" : "26967", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26967" - }, - { - "name" : "27377", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27377" - }, - { - "name" : "27545", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27545" - }, - { - "name" : "27102", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27102" - }, - { - "name" : "27864", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27864" - }, - { - "name" : "28249", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28249" - }, - { - "name" : "28658", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28658" - }, - { - "name" : "30288", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30288" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certain arguments, as demonstrated by a 'chr(0), 0, \"\"' argument set." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "30288", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30288" + }, + { + "name": "26822", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26822" + }, + { + "name": "https://launchpad.net/bugs/173043", + "refsource": "CONFIRM", + "url": "https://launchpad.net/bugs/173043" + }, + { + "name": "oval:org.mitre.oval:def:10603", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10603" + }, + { + "name": "SUSE-SA:2008:004", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html" + }, + { + "name": "28658", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28658" + }, + { + "name": "FEDORA-2007-709", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html" + }, + { + "name": "26967", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26967" + }, + { + "name": "DSA-1444", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1444" + }, + { + "name": "GLSA-200710-02", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" + }, + { + "name": "27864", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27864" + }, + { + "name": "http://www.php.net/ChangeLog-5.php#5.2.4", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-5.php#5.2.4" + }, + { + "name": "26930", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26930" + }, + { + "name": "2007-0026", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0026/" + }, + { + "name": "RHSA-2007:0889", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0889.html" + }, + { + "name": "USN-549-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/549-1/" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1693", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1693" + }, + { + "name": "28249", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28249" + }, + { + "name": "DSA-1578", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1578" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1702", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1702" + }, + { + "name": "27545", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27545" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm" + }, + { + "name": "26838", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26838" + }, + { + "name": "http://secweb.se/en/advisories/php-wordwrap-vulnerability/", + "refsource": "MISC", + "url": "http://secweb.se/en/advisories/php-wordwrap-vulnerability/" + }, + { + "name": "27377", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27377" + }, + { + "name": "MDKSA-2007:187", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187" + }, + { + "name": "27102", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27102" + }, + { + "name": "ADV-2007-3023", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3023" + }, + { + "name": "http://www.php.net/releases/5_2_4.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/5_2_4.php" + }, + { + "name": "26895", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26895" + }, + { + "name": "USN-549-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-549-2" + }, + { + "name": "RHSA-2007:0890", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0890.html" + }, + { + "name": "RHSA-2007:0891", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0891.html" + }, + { + "name": "26871", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26871" + }, + { + "name": "26642", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26642" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6019.json b/2007/6xxx/CVE-2007-6019.json index 7c6641b47c6..2954be2e18f 100644 --- a/2007/6xxx/CVE-2007-6019.json +++ b/2007/6xxx/CVE-2007-6019.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6019", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via an SWF file with a modified DeclareFunction2 Actionscript tag, which prevents an object from being instantiated properly." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2007-6019", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080408 ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/490623/100/0/threaded" - }, - { - "name" : "20080414 Secunia Research: Adobe Flash Player \"Declare Function (V7)\" HeapOverflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/490824/100/0/threaded" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-08-021", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-08-021" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb08-11.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb08-11.html" - }, - { - "name" : "APPLE-SA-2008-05-28", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html" - }, - { - "name" : "GLSA-200804-21", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml" - }, - { - "name" : "RHSA-2008:0221", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0221.html" - }, - { - "name" : "238305", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1" - }, - { - "name" : "SUSE-SA:2008:022", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html" - }, - { - "name" : "TA08-100A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-100A.html" - }, - { - "name" : "TA08-150A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-150A.html" - }, - { - "name" : "28694", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28694" - }, - { - "name" : "oval:org.mitre.oval:def:10160", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10160" - }, - { - "name" : "ADV-2008-1697", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1697" - }, - { - "name" : "ADV-2008-1724", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1724/references" - }, - { - "name" : "1019810", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019810" - }, - { - "name" : "29763", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29763" - }, - { - "name" : "29865", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29865" - }, - { - "name" : "30430", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30430" - }, - { - "name" : "30507", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30507" - }, - { - "name" : "3805", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3805" - }, - { - "name" : "adobe-flash-declarefunction2-bo(41717)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41717" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via an SWF file with a modified DeclareFunction2 Actionscript tag, which prevents an object from being instantiated properly." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "29865", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29865" + }, + { + "name": "oval:org.mitre.oval:def:10160", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10160" + }, + { + "name": "30507", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30507" + }, + { + "name": "1019810", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019810" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb08-11.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb08-11.html" + }, + { + "name": "ADV-2008-1724", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1724/references" + }, + { + "name": "adobe-flash-declarefunction2-bo(41717)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41717" + }, + { + "name": "RHSA-2008:0221", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0221.html" + }, + { + "name": "3805", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3805" + }, + { + "name": "TA08-150A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html" + }, + { + "name": "30430", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30430" + }, + { + "name": "APPLE-SA-2008-05-28", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html" + }, + { + "name": "SUSE-SA:2008:022", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html" + }, + { + "name": "20080414 Secunia Research: Adobe Flash Player \"Declare Function (V7)\" HeapOverflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/490824/100/0/threaded" + }, + { + "name": "29763", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29763" + }, + { + "name": "238305", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1" + }, + { + "name": "20080408 ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/490623/100/0/threaded" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-021", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-021" + }, + { + "name": "GLSA-200804-21", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml" + }, + { + "name": "ADV-2008-1697", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1697" + }, + { + "name": "28694", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28694" + }, + { + "name": "TA08-100A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-100A.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0603.json b/2010/0xxx/CVE-2010-0603.json index 94c9832b3b5..08663add977 100644 --- a/2010/0xxx/CVE-2010-0603.json +++ b/2010/0xxx/CVE-2010-0603.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0603", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote attackers to cause a denial of service (device crash) via a malformed session attribute, aka Bug ID CSCsk40030." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2010-0603", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100512 Multiple Vulnerabilities in Cisco PGW Softswitch", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c519.shtml" - }, - { - "name" : "40121", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40121" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote attackers to cause a denial of service (device crash) via a malformed session attribute, aka Bug ID CSCsk40030." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "40121", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40121" + }, + { + "name": "20100512 Multiple Vulnerabilities in Cisco PGW Softswitch", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c519.shtml" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0719.json b/2010/0xxx/CVE-2010-0719.json index 30148de92f2..884694fc448 100644 --- a/2010/0xxx/CVE-2010-0719.json +++ b/2010/0xxx/CVE-2010-0719.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0719", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An unspecified API in Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 does not validate arguments, which allows local users to cause a denial of service (system crash) via a crafted application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0719", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.scmagazineus.com/malta-researchers-find-windows-bug-that-crashes-pcs/article/164439/", - "refsource" : "MISC", - "url" : "http://www.scmagazineus.com/malta-researchers-find-windows-bug-that-crashes-pcs/article/164439/" - }, - { - "name" : "62660", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/62660" - }, - { - "name" : "1023656", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023656" - }, - { - "name" : "ms-win-api-dos(56591)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56591" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An unspecified API in Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 does not validate arguments, which allows local users to cause a denial of service (system crash) via a crafted application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ms-win-api-dos(56591)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56591" + }, + { + "name": "1023656", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023656" + }, + { + "name": "http://www.scmagazineus.com/malta-researchers-find-windows-bug-that-crashes-pcs/article/164439/", + "refsource": "MISC", + "url": "http://www.scmagazineus.com/malta-researchers-find-windows-bug-that-crashes-pcs/article/164439/" + }, + { + "name": "62660", + "refsource": "OSVDB", + "url": "http://osvdb.org/62660" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1253.json b/2010/1xxx/CVE-2010-1253.json index e03397f54a7..b95ca737866 100644 --- a/2010/1xxx/CVE-2010-1253.json +++ b/2010/1xxx/CVE-2010-1253.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1253", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with crafted DBQueryExt records that allow a function call to a \"user-controlled pointer,\" aka \"Excel ADO Object Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2010-1253", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100608 ZDI-10-103: Microsoft Office Excel DBQueryExt Record Unspecified ADO Object Remote Code Execution Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/511728/100/0/threaded" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-103", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-103" - }, - { - "name" : "MS10-038", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038" - }, - { - "name" : "TA10-159B", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" - }, - { - "name" : "65228", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/65228" - }, - { - "name" : "oval:org.mitre.oval:def:6842", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6842" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with crafted DBQueryExt records that allow a function call to a \"user-controlled pointer,\" aka \"Excel ADO Object Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-103", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-103" + }, + { + "name": "oval:org.mitre.oval:def:6842", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6842" + }, + { + "name": "MS10-038", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038" + }, + { + "name": "65228", + "refsource": "OSVDB", + "url": "http://osvdb.org/65228" + }, + { + "name": "TA10-159B", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" + }, + { + "name": "20100608 ZDI-10-103: Microsoft Office Excel DBQueryExt Record Unspecified ADO Object Remote Code Execution Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/511728/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1446.json b/2010/1xxx/CVE-2010-1446.json index ba3cbc646ab..43429a6204c 100644 --- a/2010/1xxx/CVE-2010-1446.json +++ b/2010/1xxx/CVE-2010-1446.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1446", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "arch/powerpc/mm/fsl_booke_mmu.c in KGDB in the Linux kernel 2.6.30 and other versions before 2.6.33, when running on PowerPC, does not properly perform a security check for access to a kernel page, which allows local users to overwrite arbitrary kernel memory, related to Fsl booke." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-1446", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[linux-kernel] 20100510 [071/117] kgdb: dont needlessly skip PAGE_USER test for Fsl booke", - "refsource" : "MLIST", - "url" : "http://lkml.org/lkml/2010/5/10/458" - }, - { - "name" : "[oss-security] 20100429 CVE request - Linux Kernel KGDB/ppc issue", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/04/29/3" - }, - { - "name" : "[oss-security] 20100429 Re: CVE request - Linux Kernel KGDB/ppc issue", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/04/29/9" - }, - { - "name" : "[oss-security] 20100430 Re: CVE request - Linux Kernel KGDB/ppc issue", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/04/30/1" - }, - { - "name" : "DSA-2053", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-2053" - }, - { - "name" : "SUSE-SA:2010:031", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html" - }, - { - "name" : "39830", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39830" - }, - { - "name" : "40645", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40645" - }, - { - "name" : "ADV-2010-1857", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1857" - }, - { - "name" : "kernel-kgdb-memory-overwrite(58840)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58840" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "arch/powerpc/mm/fsl_booke_mmu.c in KGDB in the Linux kernel 2.6.30 and other versions before 2.6.33, when running on PowerPC, does not properly perform a security check for access to a kernel page, which allows local users to overwrite arbitrary kernel memory, related to Fsl booke." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SA:2010:031", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html" + }, + { + "name": "kernel-kgdb-memory-overwrite(58840)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58840" + }, + { + "name": "[oss-security] 20100430 Re: CVE request - Linux Kernel KGDB/ppc issue", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/04/30/1" + }, + { + "name": "40645", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40645" + }, + { + "name": "[oss-security] 20100429 Re: CVE request - Linux Kernel KGDB/ppc issue", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/04/29/9" + }, + { + "name": "[linux-kernel] 20100510 [071/117] kgdb: dont needlessly skip PAGE_USER test for Fsl booke", + "refsource": "MLIST", + "url": "http://lkml.org/lkml/2010/5/10/458" + }, + { + "name": "DSA-2053", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-2053" + }, + { + "name": "39830", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39830" + }, + { + "name": "[oss-security] 20100429 CVE request - Linux Kernel KGDB/ppc issue", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/04/29/3" + }, + { + "name": "ADV-2010-1857", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1857" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5015.json b/2010/5xxx/CVE-2010-5015.json index 6d09e38b813..7c96d428e44 100644 --- a/2010/5xxx/CVE-2010-5015.json +++ b/2010/5xxx/CVE-2010-5015.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5015", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in view_photo.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5015", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.packetstormsecurity.com/1006-exploits/2daybiz-sqlxss.txt", - "refsource" : "MISC", - "url" : "http://www.packetstormsecurity.com/1006-exploits/2daybiz-sqlxss.txt" - }, - { - "name" : "40913", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40913" - }, - { - "name" : "40247", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40247" - }, - { - "name" : "8511", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/8511" - }, - { - "name" : "networkcomm-viewphoto-sql-injection(59496)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59496" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in view_photo.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "networkcomm-viewphoto-sql-injection(59496)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59496" + }, + { + "name": "8511", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/8511" + }, + { + "name": "40913", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40913" + }, + { + "name": "http://www.packetstormsecurity.com/1006-exploits/2daybiz-sqlxss.txt", + "refsource": "MISC", + "url": "http://www.packetstormsecurity.com/1006-exploits/2daybiz-sqlxss.txt" + }, + { + "name": "40247", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40247" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0242.json b/2014/0xxx/CVE-2014-0242.json index 949bbf44557..e6973e47a7b 100644 --- a/2014/0xxx/CVE-2014-0242.json +++ b/2014/0xxx/CVE-2014-0242.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0242", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-0242", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0455.json b/2014/0xxx/CVE-2014-0455.json index b878b2e3416..d18d4d69000 100644 --- a/2014/0xxx/CVE-2014-0455.json +++ b/2014/0xxx/CVE-2014-0455.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0455", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-2402." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-0455", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080" - }, - { - "name" : "https://www.ibm.com/support/docview.wss?uid=swg21675973", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/docview.wss?uid=swg21675973" - }, - { - "name" : "GLSA-201502-12", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml" - }, - { - "name" : "HPSBUX03091", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" - }, - { - "name" : "SSRT101667", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" - }, - { - "name" : "RHSA-2014:0675", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0675.html" - }, - { - "name" : "RHSA-2014:0413", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2014:0413" - }, - { - "name" : "USN-2187-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2187-1" - }, - { - "name" : "66899", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/66899" - }, - { - "name" : "58974", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58974" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-2402." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-2187-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2187-1" + }, + { + "name": "RHSA-2014:0675", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html" + }, + { + "name": "https://www.ibm.com/support/docview.wss?uid=swg21675973", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/docview.wss?uid=swg21675973" + }, + { + "name": "HPSBUX03091", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080" + }, + { + "name": "RHSA-2014:0413", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2014:0413" + }, + { + "name": "SSRT101667", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2" + }, + { + "name": "58974", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58974" + }, + { + "name": "66899", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/66899" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" + }, + { + "name": "GLSA-201502-12", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0610.json b/2014/0xxx/CVE-2014-0610.json index f15c379c9ec..b2bf0baea14 100644 --- a/2014/0xxx/CVE-2014-0610.json +++ b/2014/0xxx/CVE-2014-0610.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0610", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and 2014 before SP1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-0610", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.novell.com/support/kb/doc.php?id=7015565", - "refsource" : "CONFIRM", - "url" : "http://www.novell.com/support/kb/doc.php?id=7015565" - }, - { - "name" : "https://bugzilla.novell.com/show_bug.cgi?id=874533", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.novell.com/show_bug.cgi?id=874533" - }, - { - "name" : "1030802", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030802" - }, - { - "name" : "novell-groupwise-cve20140610-code-exec(95738)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95738" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and 2014 before SP1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "novell-groupwise-cve20140610-code-exec(95738)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95738" + }, + { + "name": "http://www.novell.com/support/kb/doc.php?id=7015565", + "refsource": "CONFIRM", + "url": "http://www.novell.com/support/kb/doc.php?id=7015565" + }, + { + "name": "1030802", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030802" + }, + { + "name": "https://bugzilla.novell.com/show_bug.cgi?id=874533", + "refsource": "CONFIRM", + "url": "https://bugzilla.novell.com/show_bug.cgi?id=874533" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0659.json b/2014/0xxx/CVE-2014-0659.json index 0edd17f7a02..67e6083c522 100644 --- a/2014/0xxx/CVE-2014-0659.json +++ b/2014/0xxx/CVE-2014-0659.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0659", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2014-0659", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/elvanderb/TCP-32764", - "refsource" : "MISC", - "url" : "https://github.com/elvanderb/TCP-32764" - }, - { - "name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32381", - "refsource" : "CONFIRM", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32381" - }, - { - "name" : "20140110 Undocumented Test Interface in Cisco Small Business Devices", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140110-sbd" - }, - { - "name" : "64776", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64776" - }, - { - "name" : "1029579", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029579" - }, - { - "name" : "1029580", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029580" - }, - { - "name" : "56292", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56292" - }, - { - "name" : "cisco-small-cve20140659-priv-esc(90233)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90233" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "56292", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56292" + }, + { + "name": "20140110 Undocumented Test Interface in Cisco Small Business Devices", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140110-sbd" + }, + { + "name": "cisco-small-cve20140659-priv-esc(90233)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90233" + }, + { + "name": "64776", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64776" + }, + { + "name": "1029580", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029580" + }, + { + "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32381", + "refsource": "CONFIRM", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32381" + }, + { + "name": "1029579", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029579" + }, + { + "name": "https://github.com/elvanderb/TCP-32764", + "refsource": "MISC", + "url": "https://github.com/elvanderb/TCP-32764" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0666.json b/2014/0xxx/CVE-2014-0666.json index 6175228028a..c13588142af 100644 --- a/2014/0xxx/CVE-2014-0666.json +++ b/2014/0xxx/CVE-2014-0666.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0666", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload arbitrary types of files, and consequently execute arbitrary code, via modified packets, aka Bug ID CSCug48056." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2014-0666", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32451", - "refsource" : "CONFIRM", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32451" - }, - { - "name" : "20140115 Cisco Jabber for Windows Remote Code Execution Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0666" - }, - { - "name" : "64965", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64965" - }, - { - "name" : "102122", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/102122" - }, - { - "name" : "1029635", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029635" - }, - { - "name" : "56331", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56331" - }, - { - "name" : "cisco-jabber-cve20140666-code-exec(90435)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90435" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload arbitrary types of files, and consequently execute arbitrary code, via modified packets, aka Bug ID CSCug48056." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1029635", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029635" + }, + { + "name": "20140115 Cisco Jabber for Windows Remote Code Execution Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0666" + }, + { + "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32451", + "refsource": "CONFIRM", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32451" + }, + { + "name": "56331", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56331" + }, + { + "name": "64965", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64965" + }, + { + "name": "cisco-jabber-cve20140666-code-exec(90435)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90435" + }, + { + "name": "102122", + "refsource": "OSVDB", + "url": "http://osvdb.org/102122" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0708.json b/2014/0xxx/CVE-2014-0708.json index 7f6aba12a48..84b430285c5 100644 --- a/2014/0xxx/CVE-2014-0708.json +++ b/2014/0xxx/CVE-2014-0708.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0708", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebEx Meeting Center in Cisco WebEx Business Suite does not properly compose URLs for HTTP GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) a browser's history, aka Bug ID CSCul98272." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2014-0708", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140318 Cisco WebEx Business Suite HTTP GET Parameters Include Sensitive Information", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0708" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebEx Meeting Center in Cisco WebEx Business Suite does not properly compose URLs for HTTP GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) a browser's history, aka Bug ID CSCul98272." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140318 Cisco WebEx Business Suite HTTP GET Parameters Include Sensitive Information", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0708" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0894.json b/2014/0xxx/CVE-2014-0894.json index 39b8b64bcb3..ccd222da7f7 100644 --- a/2014/0xxx/CVE-2014-0894.json +++ b/2014/0xxx/CVE-2014-0894.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0894", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows context-dependent attackers to discover database credentials by reading the DbUser and DbPass fields in an XML document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-0894", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/532598/100/0/threaded" - }, - { - "name" : "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Jun/173" - }, - { - "name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt", - "refsource" : "MISC", - "url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt" - }, - { - "name" : "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21675881", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21675881" - }, - { - "name" : "59296", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59296" - }, - { - "name" : "ibm-aclm-cve20140894-database-pw(91313)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91313" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows context-dependent attackers to discover database credentials by reading the DbUser and DbPass fields in an XML document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html" + }, + { + "name": "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/532598/100/0/threaded" + }, + { + "name": "59296", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59296" + }, + { + "name": "ibm-aclm-cve20140894-database-pw(91313)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91313" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21675881", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675881" + }, + { + "name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt", + "refsource": "MISC", + "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt" + }, + { + "name": "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Jun/173" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1261.json b/2014/1xxx/CVE-2014-1261.json index 62050a2fc4d..d27f1761619 100644 --- a/2014/1xxx/CVE-2014-1261.json +++ b/2014/1xxx/CVE-2014-1261.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1261", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Unicode font." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2014-1261", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT6150", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT6150" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Unicode font." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT6150", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT6150" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1506.json b/2014/1xxx/CVE-2014-1506.json index d8716f41526..a84da5a9fbe 100644 --- a/2014/1xxx/CVE-2014-1506.json +++ b/2014/1xxx/CVE-2014-1506.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1506", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter arguments." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2014-1506", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140326 Firefox for Android Profile Directory Derandomization and Data Exfiltration (CVE-2014-1484, CVE-2014-1506, CVE-2014-1515, CVE-2014-1516)", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-03/0153.html" - }, - { - "name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-24.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-24.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944374", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944374" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "66420", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/66420" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter arguments." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-24.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-24.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=944374", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=944374" + }, + { + "name": "20140326 Firefox for Android Profile Directory Derandomization and Data Exfiltration (CVE-2014-1484, CVE-2014-1506, CVE-2014-1515, CVE-2014-1516)", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0153.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "66420", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/66420" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1690.json b/2014/1xxx/CVE-2014-1690.json index 220222c95e8..fb168209b85 100644 --- a/2014/1xxx/CVE-2014-1690.json +++ b/2014/1xxx/CVE-2014-1690.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1690", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-1690", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140128 Re: CVE request Linux kernel: netfilter: nf_nat: leakage of uninitialized buffer in IRC NAT helper", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/01/28/3" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2690d97ade05c5325cbf7c72b94b90d265659886", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2690d97ade05c5325cbf7c72b94b90d265659886" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1058748", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1058748" - }, - { - "name" : "https://github.com/torvalds/linux/commit/2690d97ade05c5325cbf7c72b94b90d265659886", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/2690d97ade05c5325cbf7c72b94b90d265659886" - }, - { - "name" : "USN-2137-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2137-1" - }, - { - "name" : "USN-2140-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2140-1" - }, - { - "name" : "USN-2158-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2158-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-2137-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2137-1" + }, + { + "name": "USN-2140-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2140-1" + }, + { + "name": "USN-2158-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2158-1" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1058748", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1058748" + }, + { + "name": "[oss-security] 20140128 Re: CVE request Linux kernel: netfilter: nf_nat: leakage of uninitialized buffer in IRC NAT helper", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/01/28/3" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2690d97ade05c5325cbf7c72b94b90d265659886", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2690d97ade05c5325cbf7c72b94b90d265659886" + }, + { + "name": "https://github.com/torvalds/linux/commit/2690d97ade05c5325cbf7c72b94b90d265659886", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/2690d97ade05c5325cbf7c72b94b90d265659886" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1954.json b/2014/1xxx/CVE-2014-1954.json index 9d69ecb1426..2e4016ed78a 100644 --- a/2014/1xxx/CVE-2014-1954.json +++ b/2014/1xxx/CVE-2014-1954.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1954", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1954", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4506.json b/2014/4xxx/CVE-2014-4506.json index 34dd855aed1..6fabc32640a 100644 --- a/2014/4xxx/CVE-2014-4506.json +++ b/2014/4xxx/CVE-2014-4506.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4506", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Custom Meta module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the \"administer custom meta settings\" permission to inject arbitrary web script or HTML via the (1) attribute or (2) content value for a meta tag." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4506", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/node/2288429", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2288429" - }, - { - "name" : "https://www.drupal.org/node/2288415", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2288415" - }, - { - "name" : "https://www.drupal.org/node/2288417", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2288417" - }, - { - "name" : "68108", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68108" - }, - { - "name" : "59367", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59367" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Custom Meta module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the \"administer custom meta settings\" permission to inject arbitrary web script or HTML via the (1) attribute or (2) content value for a meta tag." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2288417", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2288417" + }, + { + "name": "59367", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59367" + }, + { + "name": "https://www.drupal.org/node/2288415", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2288415" + }, + { + "name": "https://www.drupal.org/node/2288429", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2288429" + }, + { + "name": "68108", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68108" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4541.json b/2014/4xxx/CVE-2014-4541.json index d914dc3150a..7345072f110 100644 --- a/2014/4xxx/CVE-2014-4541.json +++ b/2014/4xxx/CVE-2014-4541.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4541", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in shortcode-generator/preview-shortcode-external.php in the OMFG Mobile Pro plugin 1.1.26 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4541", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://codevigilant.com/disclosure/wp-plugin-omfg-mobile-a3-cross-site-scripting-xss", - "refsource" : "MISC", - "url" : "http://codevigilant.com/disclosure/wp-plugin-omfg-mobile-a3-cross-site-scripting-xss" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in shortcode-generator/preview-shortcode-external.php in the OMFG Mobile Pro plugin 1.1.26 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://codevigilant.com/disclosure/wp-plugin-omfg-mobile-a3-cross-site-scripting-xss", + "refsource": "MISC", + "url": "http://codevigilant.com/disclosure/wp-plugin-omfg-mobile-a3-cross-site-scripting-xss" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4792.json b/2014/4xxx/CVE-2014-4792.json index b589ca4a426..8a7718971a3 100644 --- a/2014/4xxx/CVE-2014-4792.json +++ b/2014/4xxx/CVE-2014-4792.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4792", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, 8.0.0 through 8.0.0.1 CF13, and 8.5.0 before CF02 allows remote authenticated users to cause a denial of service (disk consumption) by uploading large files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-4792", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681998", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681998" - }, - { - "name" : "PI23334", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI23334" - }, - { - "name" : "61204", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61204" - }, - { - "name" : "ibm-wsportal-cve20144792-upload(95204)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95204" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, 8.0.0 through 8.0.0.1 CF13, and 8.5.0 before CF02 allows remote authenticated users to cause a denial of service (disk consumption) by uploading large files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ibm-wsportal-cve20144792-upload(95204)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95204" + }, + { + "name": "61204", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61204" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681998", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681998" + }, + { + "name": "PI23334", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI23334" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5242.json b/2014/5xxx/CVE-2014-5242.json index e3380f24a39..5f8dddb0af8 100644 --- a/2014/5xxx/CVE-2014-5242.json +++ b/2014/5xxx/CVE-2014-5242.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5242", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction with an action=raw value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5242", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140814 Re: Possible CVE Request: MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2014/08/14/5" - }, - { - "name" : "[MediaWiki-announce] 20140730 MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2", - "refsource" : "MLIST", - "url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-July/000157.html" - }, - { - "name" : "https://bugzilla.wikimedia.org/show_bug.cgi?id=66608", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.wikimedia.org/show_bug.cgi?id=66608" - }, - { - "name" : "http://advisories.mageia.org/MGASA-2014-0309.html", - "refsource" : "CONFIRM", - "url" : "http://advisories.mageia.org/MGASA-2014-0309.html" - }, - { - "name" : "MDVSA-2014:153", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2014:153" - }, - { - "name" : "69135", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69135" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction with an action=raw value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[MediaWiki-announce] 20140730 MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2", + "refsource": "MLIST", + "url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-July/000157.html" + }, + { + "name": "https://bugzilla.wikimedia.org/show_bug.cgi?id=66608", + "refsource": "CONFIRM", + "url": "https://bugzilla.wikimedia.org/show_bug.cgi?id=66608" + }, + { + "name": "MDVSA-2014:153", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:153" + }, + { + "name": "69135", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69135" + }, + { + "name": "[oss-security] 20140814 Re: Possible CVE Request: MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2014/08/14/5" + }, + { + "name": "http://advisories.mageia.org/MGASA-2014-0309.html", + "refsource": "CONFIRM", + "url": "http://advisories.mageia.org/MGASA-2014-0309.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5330.json b/2014/5xxx/CVE-2014-5330.json index 8d72cbec472..f283706a95a 100644 --- a/2014/5xxx/CVE-2014-5330.json +++ b/2014/5xxx/CVE-2014-5330.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5330", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in BirdBlog allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2014-5330", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "JVN#87373393", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN87373393/index.html" - }, - { - "name" : "JVNDB-2014-000121", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000121" - }, - { - "name" : "70610", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/70610" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in BirdBlog allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "70610", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/70610" + }, + { + "name": "JVNDB-2014-000121", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000121" + }, + { + "name": "JVN#87373393", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN87373393/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5495.json b/2014/5xxx/CVE-2014-5495.json index 6c9648fc2b3..321b2a18cd2 100644 --- a/2014/5xxx/CVE-2014-5495.json +++ b/2014/5xxx/CVE-2014-5495.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5495", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5495", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5838.json b/2014/5xxx/CVE-2014-5838.json index 75a54ef0e83..3fff6acffdf 100644 --- a/2014/5xxx/CVE-2014-5838.json +++ b/2014/5xxx/CVE-2014-5838.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5838", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Girls Games - Shoes Maker (aka com.g6677.android.shoemaker) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5838", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#442665", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/442665" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Girls Games - Shoes Maker (aka com.g6677.android.shoemaker) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#442665", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/442665" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2433.json b/2015/2xxx/CVE-2015-2433.json index d6c59a8332b..1c82cfe630f 100644 --- a/2015/2xxx/CVE-2015-2433.json +++ b/2015/2xxx/CVE-2015-2433.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2433", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka \"Kernel ASLR Bypass Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2433", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38222", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38222/" - }, - { - "name" : "MS15-080", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080" - }, - { - "name" : "76213", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76213" - }, - { - "name" : "1033238", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033238" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka \"Kernel ASLR Bypass Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-080", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080" + }, + { + "name": "76213", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76213" + }, + { + "name": "1033238", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033238" + }, + { + "name": "38222", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38222/" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10248.json b/2016/10xxx/CVE-2016-10248.json index 41c5cb0fc2e..1909ecc87d5 100644 --- a/2016/10xxx/CVE-2016-10248.json +++ b/2016/10xxx/CVE-2016-10248.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10248", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10248", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/", - "refsource" : "MISC", - "url" : "https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/" - }, - { - "name" : "https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd", - "refsource" : "CONFIRM", - "url" : "https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd" - }, - { - "name" : "RHSA-2017:1208", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1208" - }, - { - "name" : "USN-3693-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3693-1/" - }, - { - "name" : "93797", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93797" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/", + "refsource": "MISC", + "url": "https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/" + }, + { + "name": "https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd", + "refsource": "CONFIRM", + "url": "https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd" + }, + { + "name": "RHSA-2017:1208", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1208" + }, + { + "name": "93797", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93797" + }, + { + "name": "USN-3693-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3693-1/" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10342.json b/2016/10xxx/CVE-2016-10342.json index 9e6aec29ceb..9c568c0bb13 100644 --- a/2016/10xxx/CVE-2016-10342.json +++ b/2016/10xxx/CVE-2016-10342.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "ID" : "CVE-2016-10342", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer Copy without Checking Size of Input in TrustZone" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "ID": "CVE-2016-10342", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-06-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-06-01" - }, - { - "name" : "98874", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98874" - }, - { - "name" : "1038623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038623" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Copy without Checking Size of Input in TrustZone" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-06-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-06-01" + }, + { + "name": "98874", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98874" + }, + { + "name": "1038623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038623" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10438.json b/2016/10xxx/CVE-2016-10438.json index b222557e6b8..8008666e390 100644 --- a/2016/10xxx/CVE-2016-10438.json +++ b/2016/10xxx/CVE-2016-10438.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10438", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Small Cell SoC, Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, information exposure vulnerability when logging debug statement due to %p usage." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information exposure vulnerability in various HLOS modules" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10438", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Small Cell SoC, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, information exposure vulnerability when logging debug statement due to %p usage." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information exposure vulnerability in various HLOS modules" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10539.json b/2016/10xxx/CVE-2016-10539.json index ebdb640477b..92d411a4aa6 100644 --- a/2016/10xxx/CVE-2016-10539.json +++ b/2016/10xxx/CVE-2016-10539.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10539", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "negotiator node module", - "version" : { - "version_data" : [ - { - "version_value" : "<= 0.6.0" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "negotiator is an HTTP content negotiator for Node.js and is used by many modules and frameworks including Express and Koa. The header for \"Accept-Language\", when parsed by negotiator 0.6.0 and earlier is vulnerable to Regular Expression Denial of Service via a specially crafted string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service (CWE-400)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10539", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "negotiator node module", + "version": { + "version_data": [ + { + "version_value": "<= 0.6.0" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nodesecurity.io/advisories/106", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/106" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "negotiator is an HTTP content negotiator for Node.js and is used by many modules and frameworks including Express and Koa. The header for \"Accept-Language\", when parsed by negotiator 0.6.0 and earlier is vulnerable to Regular Expression Denial of Service via a specially crafted string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service (CWE-400)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/106", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/106" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3789.json b/2016/3xxx/CVE-2016-3789.json index a4a87255fdd..66eb0e54f0f 100644 --- a/2016/3xxx/CVE-2016-3789.json +++ b/2016/3xxx/CVE-2016-3789.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3789", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-3789", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8429.json b/2016/8xxx/CVE-2016-8429.json index af43acf437b..588ba440447 100644 --- a/2016/8xxx/CVE-2016-8429.json +++ b/2016/8xxx/CVE-2016-8429.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-8429", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Kernel-3.10" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32160775. References: N-CVE-2016-8429." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-8429", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Kernel-3.10" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-01-01.html", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-01-01.html" - }, - { - "name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", - "refsource" : "CONFIRM", - "url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" - }, - { - "name" : "95231", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95231" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32160775. References: N-CVE-2016-8429." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-01-01.html", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-01-01.html" + }, + { + "name": "95231", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95231" + }, + { + "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", + "refsource": "CONFIRM", + "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8469.json b/2016/8xxx/CVE-2016-8469.json index 117b7aaf988..3f7b8a7d959 100644 --- a/2016/8xxx/CVE-2016-8469.json +++ b/2016/8xxx/CVE-2016-8469.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-8469", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Kernel-3.10" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An information disclosure vulnerability in the camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31351206. References: N-CVE-2016-8469." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-8469", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Kernel-3.10" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-01-01.html", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-01-01.html" - }, - { - "name" : "95246", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95246" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An information disclosure vulnerability in the camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31351206. References: N-CVE-2016-8469." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-01-01.html", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-01-01.html" + }, + { + "name": "95246", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95246" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8477.json b/2016/8xxx/CVE-2016-8477.json index ce15833c0ea..31a017bdfa3 100644 --- a/2016/8xxx/CVE-2016-8477.json +++ b/2016/8xxx/CVE-2016-8477.json @@ -1,85 +1,85 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-8477", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Kernel-3.10" - }, - { - "version_value" : "Kernel-3.18" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32720522. References: QC-CR#1090007." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-8477", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Kernel-3.10" + }, + { + "version_value": "Kernel-3.18" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-03-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-03-01" - }, - { - "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508", - "refsource" : "CONFIRM", - "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508" - }, - { - "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb", - "refsource" : "CONFIRM", - "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb" - }, - { - "name" : "96749", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96749" - }, - { - "name" : "1037968", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037968" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32720522. References: QC-CR#1090007." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508", + "refsource": "CONFIRM", + "url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508" + }, + { + "name": "https://source.android.com/security/bulletin/2017-03-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-03-01" + }, + { + "name": "1037968", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037968" + }, + { + "name": "96749", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96749" + }, + { + "name": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb", + "refsource": "CONFIRM", + "url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8552.json b/2016/8xxx/CVE-2016-8552.json index c4004f49bb6..4ad4a6e38ba 100644 --- a/2016/8xxx/CVE-2016-8552.json +++ b/2016/8xxx/CVE-2016-8552.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8552", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8552", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9066.json b/2016/9xxx/CVE-2016-9066.json index 586ae6c73c2..4a60192a9a6 100644 --- a/2016/9xxx/CVE-2016-9066.json +++ b/2016/9xxx/CVE-2016-9066.json @@ -1,125 +1,125 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@mozilla.org", - "ID" : "CVE-2016-9066", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Thunderbird", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "45.5" - } - ] - } - }, - { - "product_name" : "Firefox ESR", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "45.5" - } - ] - } - }, - { - "product_name" : "Firefox", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "50" - } - ] - } - } - ] - }, - "vendor_name" : "Mozilla" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Integer overflow leading to a buffer overflow in nsScriptLoadHandler" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-9066", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Thunderbird", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "45.5" + } + ] + } + }, + { + "product_name": "Firefox ESR", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "45.5" + } + ] + } + }, + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "50" + } + ] + } + } + ] + }, + "vendor_name": "Mozilla" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1299686", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1299686" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2016-89/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2016-89/" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2016-90/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2016-90/" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2016-93/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2016-93/" - }, - { - "name" : "DSA-3730", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2016/dsa-3730" - }, - { - "name" : "GLSA-201701-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-15" - }, - { - "name" : "RHSA-2016:2780", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2780.html" - }, - { - "name" : "94336", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94336" - }, - { - "name" : "1037298", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037298" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Integer overflow leading to a buffer overflow in nsScriptLoadHandler" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3730", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2016/dsa-3730" + }, + { + "name": "1037298", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037298" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1299686", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1299686" + }, + { + "name": "GLSA-201701-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-15" + }, + { + "name": "94336", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94336" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-93/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-93/" + }, + { + "name": "RHSA-2016:2780", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2780.html" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-89/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-89/" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-90/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-90/" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9710.json b/2016/9xxx/CVE-2016-9710.json index d6c196b050f..5081216bd6f 100644 --- a/2016/9xxx/CVE-2016-9710.json +++ b/2016/9xxx/CVE-2016-9710.json @@ -1,84 +1,84 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-9710", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cognos Business Intelligence", - "version" : { - "version_data" : [ - { - "version_value" : "10.1.1" - }, - { - "version_value" : "10.2" - }, - { - "version_value" : "10.2.1" - }, - { - "version_value" : "10.2.1.1" - }, - { - "version_value" : "10.2.2" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Predictive Solutions Foundation (formerly PMQ) could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL to specify a file from the local system, which could allow the attacker to obtain sensitive information. IBM X-Force ID: 119618." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-9710", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cognos Business Intelligence", + "version": { + "version_data": [ + { + "version_value": "10.1.1" + }, + { + "version_value": "10.2" + }, + { + "version_value": "10.2.1" + }, + { + "version_value": "10.2.1.1" + }, + { + "version_value": "10.2.2" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/119618", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/119618" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22004036", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22004036" - }, - { - "name" : "98975", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98975" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Predictive Solutions Foundation (formerly PMQ) could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL to specify a file from the local system, which could allow the attacker to obtain sensitive information. IBM X-Force ID: 119618." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22004036", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22004036" + }, + { + "name": "98975", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98975" + }, + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/119618", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/119618" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9728.json b/2016/9xxx/CVE-2016-9728.json index 4f0af008825..da155c03c22 100644 --- a/2016/9xxx/CVE-2016-9728.json +++ b/2016/9xxx/CVE-2016-9728.json @@ -1,83 +1,83 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-9728", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "QRadar SIEM", - "version" : { - "version_data" : [ - { - "version_value" : "7.1 MR1" - }, - { - "version_value" : "7.1" - }, - { - "version_value" : "7.0" - }, - { - "version_value" : "7.2" - }, - { - "version_value" : "7.1 MR2" - }, - { - "version_value" : "7" - }, - { - "version_value" : "7.1 MR2" - }, - { - "version_value" : "7.2.3" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Qradar 7.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM Reference #: 1999543." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-9728", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "QRadar SIEM", + "version": { + "version_data": [ + { + "version_value": "7.1 MR1" + }, + { + "version_value": "7.1" + }, + { + "version_value": "7.0" + }, + { + "version_value": "7.2" + }, + { + "version_value": "7.1 MR2" + }, + { + "version_value": "7" + }, + { + "version_value": "7.1 MR2" + }, + { + "version_value": "7.2.3" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21999543", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21999543" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Qradar 7.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM Reference #: 1999543." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21999543", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21999543" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9959.json b/2016/9xxx/CVE-2016-9959.json index 86322caf816..a2cffbff170 100644 --- a/2016/9xxx/CVE-2016-9959.json +++ b/2016/9xxx/CVE-2016-9959.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9959", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2016-9959", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161215 Re: CVE Request: Game Music Emulators: incorrect emulation of the SPC700 audio co-processor of SNES: arbitrary code execution via malformed SPC music file", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/12/15/11" - }, - { - "name" : "https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html", - "refsource" : "MISC", - "url" : "https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html" - }, - { - "name" : "https://bitbucket.org/mpyne/game-music-emu/wiki/Home", - "refsource" : "CONFIRM", - "url" : "https://bitbucket.org/mpyne/game-music-emu/wiki/Home" - }, - { - "name" : "FEDORA-2016-04383482b4", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LKMKVYS7AVB2EXC463FUYN6C6FABHME/" - }, - { - "name" : "FEDORA-2016-fbf9f8b204", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL/" - }, - { - "name" : "FEDORA-2017-3d771a1702", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHFKIFSFIDXOKFUKAH2MBNXDTY6DYBF6/" - }, - { - "name" : "FEDORA-2017-5bf9a268df", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7Z2OVERYM6NW3FGVGTJUNSL5ZNFSH2S/" - }, - { - "name" : "GLSA-201707-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201707-02" - }, - { - "name" : "SUSE-SA:2016:3250", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html" - }, - { - "name" : "openSUSE-SA:2017:0022", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00005.html" - }, - { - "name" : "95305", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95305" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SA:2016:3250", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html" + }, + { + "name": "FEDORA-2016-fbf9f8b204", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL/" + }, + { + "name": "95305", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95305" + }, + { + "name": "[oss-security] 20161215 Re: CVE Request: Game Music Emulators: incorrect emulation of the SPC700 audio co-processor of SNES: arbitrary code execution via malformed SPC music file", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/12/15/11" + }, + { + "name": "https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html", + "refsource": "MISC", + "url": "https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html" + }, + { + "name": "GLSA-201707-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201707-02" + }, + { + "name": "FEDORA-2017-5bf9a268df", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7Z2OVERYM6NW3FGVGTJUNSL5ZNFSH2S/" + }, + { + "name": "https://bitbucket.org/mpyne/game-music-emu/wiki/Home", + "refsource": "CONFIRM", + "url": "https://bitbucket.org/mpyne/game-music-emu/wiki/Home" + }, + { + "name": "FEDORA-2016-04383482b4", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LKMKVYS7AVB2EXC463FUYN6C6FABHME/" + }, + { + "name": "FEDORA-2017-3d771a1702", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHFKIFSFIDXOKFUKAH2MBNXDTY6DYBF6/" + }, + { + "name": "openSUSE-SA:2017:0022", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00005.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9967.json b/2016/9xxx/CVE-2016-9967.json index ee28a6814cb..7be60c22657 100644 --- a/2016/9xxx/CVE-2016-9967.json +++ b/2016/9xxx/CVE-2016-9967.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9967", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7121." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9967", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2016", - "refsource" : "CONFIRM", - "url" : "http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2016" - }, - { - "name" : "94955", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94955" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7121." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94955", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94955" + }, + { + "name": "http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2016", + "refsource": "CONFIRM", + "url": "http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2016" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2235.json b/2019/2xxx/CVE-2019-2235.json index 73c4952013d..3fcbe261dd3 100644 --- a/2019/2xxx/CVE-2019-2235.json +++ b/2019/2xxx/CVE-2019-2235.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2235", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2235", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2284.json b/2019/2xxx/CVE-2019-2284.json index 79b249665a5..5b4bd255686 100644 --- a/2019/2xxx/CVE-2019-2284.json +++ b/2019/2xxx/CVE-2019-2284.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2284", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2284", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2325.json b/2019/2xxx/CVE-2019-2325.json index c42c8e4555a..c0ec1017eaf 100644 --- a/2019/2xxx/CVE-2019-2325.json +++ b/2019/2xxx/CVE-2019-2325.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2325", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2325", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2670.json b/2019/2xxx/CVE-2019-2670.json index 4601adcb9e7..2349c04b532 100644 --- a/2019/2xxx/CVE-2019-2670.json +++ b/2019/2xxx/CVE-2019-2670.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2670", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2670", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6017.json b/2019/6xxx/CVE-2019-6017.json index 53d648175ef..0e78006eff4 100644 --- a/2019/6xxx/CVE-2019-6017.json +++ b/2019/6xxx/CVE-2019-6017.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6017", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6017", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6079.json b/2019/6xxx/CVE-2019-6079.json index 9f8c87895e4..288f3158273 100644 --- a/2019/6xxx/CVE-2019-6079.json +++ b/2019/6xxx/CVE-2019-6079.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6079", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6079", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6115.json b/2019/6xxx/CVE-2019-6115.json index 7326f250f6d..bd2de048c30 100644 --- a/2019/6xxx/CVE-2019-6115.json +++ b/2019/6xxx/CVE-2019-6115.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6115", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6115", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6376.json b/2019/6xxx/CVE-2019-6376.json index e99a03b0b54..a2bee0e9bce 100644 --- a/2019/6xxx/CVE-2019-6376.json +++ b/2019/6xxx/CVE-2019-6376.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6376", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6376", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7590.json b/2019/7xxx/CVE-2019-7590.json index d43e9124e88..f289c3354ff 100644 --- a/2019/7xxx/CVE-2019-7590.json +++ b/2019/7xxx/CVE-2019-7590.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7590", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7590", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file