From 1a774750b4f67a6fd7c269394a36505342a8628d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 03:56:51 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0206.json | 180 ++++++++--------- 2007/0xxx/CVE-2007-0329.json | 150 +++++++------- 2007/0xxx/CVE-2007-0376.json | 170 ++++++++-------- 2007/0xxx/CVE-2007-0698.json | 140 ++++++------- 2007/0xxx/CVE-2007-0826.json | 160 +++++++-------- 2007/0xxx/CVE-2007-0849.json | 160 +++++++-------- 2007/1xxx/CVE-2007-1000.json | 370 +++++++++++++++++------------------ 2007/1xxx/CVE-2007-1289.json | 180 ++++++++--------- 2007/1xxx/CVE-2007-1577.json | 150 +++++++------- 2007/1xxx/CVE-2007-1603.json | 130 ++++++------ 2007/1xxx/CVE-2007-1710.json | 200 +++++++++---------- 2007/1xxx/CVE-2007-1959.json | 130 ++++++------ 2007/4xxx/CVE-2007-4799.json | 170 ++++++++-------- 2007/4xxx/CVE-2007-4951.json | 130 ++++++------ 2007/5xxx/CVE-2007-5658.json | 210 ++++++++++---------- 2007/5xxx/CVE-2007-5845.json | 150 +++++++------- 2007/5xxx/CVE-2007-5872.json | 34 ++-- 2015/3xxx/CVE-2015-3408.json | 170 ++++++++-------- 2015/3xxx/CVE-2015-3690.json | 170 ++++++++-------- 2015/3xxx/CVE-2015-3820.json | 34 ++-- 2015/3xxx/CVE-2015-3922.json | 150 +++++++------- 2015/6xxx/CVE-2015-6162.json | 130 ++++++------ 2015/6xxx/CVE-2015-6540.json | 130 ++++++------ 2015/6xxx/CVE-2015-6840.json | 34 ++-- 2015/7xxx/CVE-2015-7004.json | 150 +++++++------- 2015/7xxx/CVE-2015-7106.json | 150 +++++++------- 2015/7xxx/CVE-2015-7542.json | 34 ++-- 2015/7xxx/CVE-2015-7590.json | 34 ++-- 2015/8xxx/CVE-2015-8218.json | 130 ++++++------ 2016/0xxx/CVE-2016-0176.json | 150 +++++++------- 2016/0xxx/CVE-2016-0329.json | 130 ++++++------ 2016/0xxx/CVE-2016-0546.json | 370 +++++++++++++++++------------------ 2016/0xxx/CVE-2016-0740.json | 150 +++++++------- 2016/0xxx/CVE-2016-0741.json | 170 ++++++++-------- 2016/0xxx/CVE-2016-0768.json | 120 ++++++------ 2016/1xxx/CVE-2016-1100.json | 170 ++++++++-------- 2016/1xxx/CVE-2016-1181.json | 280 +++++++++++++------------- 2016/1xxx/CVE-2016-1202.json | 150 +++++++------- 2016/1xxx/CVE-2016-1475.json | 34 ++-- 2016/1xxx/CVE-2016-1499.json | 160 +++++++-------- 2016/4xxx/CVE-2016-4319.json | 160 +++++++-------- 2016/5xxx/CVE-2016-5072.json | 120 ++++++------ 2016/5xxx/CVE-2016-5235.json | 34 ++-- 2019/0xxx/CVE-2019-0053.json | 34 ++-- 2019/0xxx/CVE-2019-0261.json | 142 +++++++------- 2019/0xxx/CVE-2019-0801.json | 34 ++-- 2019/0xxx/CVE-2019-0845.json | 34 ++-- 2019/1xxx/CVE-2019-1026.json | 34 ++-- 2019/1xxx/CVE-2019-1028.json | 34 ++-- 2019/1xxx/CVE-2019-1167.json | 34 ++-- 2019/1xxx/CVE-2019-1503.json | 34 ++-- 2019/3xxx/CVE-2019-3223.json | 34 ++-- 2019/3xxx/CVE-2019-3562.json | 34 ++-- 2019/3xxx/CVE-2019-3587.json | 164 ++++++++-------- 2019/3xxx/CVE-2019-3776.json | 206 +++++++++---------- 2019/4xxx/CVE-2019-4316.json | 34 ++-- 2019/4xxx/CVE-2019-4345.json | 34 ++-- 2019/4xxx/CVE-2019-4380.json | 34 ++-- 2019/4xxx/CVE-2019-4598.json | 34 ++-- 2019/8xxx/CVE-2019-8625.json | 34 ++-- 2019/8xxx/CVE-2019-8697.json | 34 ++-- 2019/8xxx/CVE-2019-8742.json | 34 ++-- 2019/8xxx/CVE-2019-8924.json | 34 ++-- 2019/9xxx/CVE-2019-9039.json | 34 ++-- 2019/9xxx/CVE-2019-9257.json | 34 ++-- 2019/9xxx/CVE-2019-9588.json | 130 ++++++------ 66 files changed, 3808 insertions(+), 3808 deletions(-) diff --git a/2007/0xxx/CVE-2007-0206.json b/2007/0xxx/CVE-2007-0206.json index f9366aff05a..e1cfa02266a 100644 --- a/2007/0xxx/CVE-2007-0206.json +++ b/2007/0xxx/CVE-2007-0206.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0206", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allows remote attackers to read arbitrary files via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0206", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBMA02175", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/456615/100/0/threaded" - }, - { - "name" : "SSRT061174", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/456615/100/0/threaded" - }, - { - "name" : "22009", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22009" - }, - { - "name" : "ADV-2007-0153", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0153" - }, - { - "name" : "32729", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32729" - }, - { - "name" : "1017503", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017503" - }, - { - "name" : "2140", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2140" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allows remote attackers to read arbitrary files via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SSRT061174", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/456615/100/0/threaded" + }, + { + "name": "2140", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2140" + }, + { + "name": "32729", + "refsource": "OSVDB", + "url": "http://osvdb.org/32729" + }, + { + "name": "22009", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22009" + }, + { + "name": "HPSBMA02175", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/456615/100/0/threaded" + }, + { + "name": "1017503", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017503" + }, + { + "name": "ADV-2007-0153", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0153" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0329.json b/2007/0xxx/CVE-2007-0329.json index 8cfc43c25e0..1f97a6332a4 100644 --- a/2007/0xxx/CVE-2007-0329.json +++ b/2007/0xxx/CVE-2007-0329.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0329", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "download.php in Joonas Viljanen JV2 Folder Gallery allows remote attackers to read sensitive files via a relative pathname in the file parameter, as demonstrated by config/gallerysetup.php. NOTE: this issue might be resultant from a directory traversal vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0329", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3125", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3125" - }, - { - "name" : "ADV-2007-0180", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0180" - }, - { - "name" : "32811", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32811" - }, - { - "name" : "23724", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23724" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "download.php in Joonas Viljanen JV2 Folder Gallery allows remote attackers to read sensitive files via a relative pathname in the file parameter, as demonstrated by config/gallerysetup.php. NOTE: this issue might be resultant from a directory traversal vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23724", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23724" + }, + { + "name": "ADV-2007-0180", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0180" + }, + { + "name": "3125", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3125" + }, + { + "name": "32811", + "refsource": "OSVDB", + "url": "http://osvdb.org/32811" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0376.json b/2007/0xxx/CVE-2007-0376.json index 3b05f8460cb..e697fb34bb4 100644 --- a/2007/0xxx/CVE-2007-0376.json +++ b/2007/0xxx/CVE-2007-0376.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0376", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Virtuemart 1.0.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0376", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070204 Sql injection bugs in Virtuemart and Letterman", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459195/100/0/threaded" - }, - { - "name" : "20070118 The vulnerabilities festival !", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html" - }, - { - "name" : "http://virtuemart.svn.sourceforge.net/viewvc/*checkout*/virtuemart/branches/virtuemart-1_0_0/virtuemart/CHANGELOG.php?revision=607", - "refsource" : "MISC", - "url" : "http://virtuemart.svn.sourceforge.net/viewvc/*checkout*/virtuemart/branches/virtuemart-1_0_0/virtuemart/CHANGELOG.php?revision=607" - }, - { - "name" : "http://www.hackers.ir/advisories/festival.txt", - "refsource" : "MISC", - "url" : "http://www.hackers.ir/advisories/festival.txt" - }, - { - "name" : "22123", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22123" - }, - { - "name" : "24058", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24058" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Virtuemart 1.0.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://virtuemart.svn.sourceforge.net/viewvc/*checkout*/virtuemart/branches/virtuemart-1_0_0/virtuemart/CHANGELOG.php?revision=607", + "refsource": "MISC", + "url": "http://virtuemart.svn.sourceforge.net/viewvc/*checkout*/virtuemart/branches/virtuemart-1_0_0/virtuemart/CHANGELOG.php?revision=607" + }, + { + "name": "24058", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24058" + }, + { + "name": "22123", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22123" + }, + { + "name": "20070118 The vulnerabilities festival !", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html" + }, + { + "name": "20070204 Sql injection bugs in Virtuemart and Letterman", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459195/100/0/threaded" + }, + { + "name": "http://www.hackers.ir/advisories/festival.txt", + "refsource": "MISC", + "url": "http://www.hackers.ir/advisories/festival.txt" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0698.json b/2007/0xxx/CVE-2007-0698.json index eebcd4066f4..7290a8f507b 100644 --- a/2007/0xxx/CVE-2007-0698.json +++ b/2007/0xxx/CVE-2007-0698.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0698", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in ACGVannu 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via the id_mod parameter to templates/modif.html, and other unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0698", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ADV-2007-0388", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0388" - }, - { - "name" : "34666", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/34666" - }, - { - "name" : "acgv-modif-sql-injection(32257)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32257" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in ACGVannu 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via the id_mod parameter to templates/modif.html, and other unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34666", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/34666" + }, + { + "name": "acgv-modif-sql-injection(32257)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32257" + }, + { + "name": "ADV-2007-0388", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0388" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0826.json b/2007/0xxx/CVE-2007-0826.json index 2e0c786eda5..84febe9cae1 100644 --- a/2007/0xxx/CVE-2007-0826.json +++ b/2007/0xxx/CVE-2007-0826.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0826", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in forum.asp in Kisisel Site 2007 allows remote attackers to execute arbitrary SQL commands via the forumid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0826", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3278", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3278" - }, - { - "name" : "22435", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22435" - }, - { - "name" : "ADV-2007-0510", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0510" - }, - { - "name" : "35831", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35831" - }, - { - "name" : "kisisel-forum-sql-injection(32422)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32422" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in forum.asp in Kisisel Site 2007 allows remote attackers to execute arbitrary SQL commands via the forumid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3278", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3278" + }, + { + "name": "ADV-2007-0510", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0510" + }, + { + "name": "35831", + "refsource": "OSVDB", + "url": "http://osvdb.org/35831" + }, + { + "name": "kisisel-forum-sql-injection(32422)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32422" + }, + { + "name": "22435", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22435" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0849.json b/2007/0xxx/CVE-2007-0849.json index 8b102c25b6a..e9f2f9ce684 100644 --- a/2007/0xxx/CVE-2007-0849.json +++ b/2007/0xxx/CVE-2007-0849.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0849", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "scripts/cronscript.php in SysCP 1.2.15 and earlier does not properly quote pathnames in user home directories, which allows local users to gain privileges by placing shell metacharacters in a directory name, and then using the control panel to protect this directory, a different vulnerability than CVE-2005-2568." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0849", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070207 Ability to inject and execute any code as root in SysCP", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459397/100/0/threaded" - }, - { - "name" : "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP", - "refsource" : "CONFIRM", - "url" : "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP" - }, - { - "name" : "22453", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22453" - }, - { - "name" : "33128", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33128" - }, - { - "name" : "24102", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24102" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "scripts/cronscript.php in SysCP 1.2.15 and earlier does not properly quote pathnames in user home directories, which allows local users to gain privileges by placing shell metacharacters in a directory name, and then using the control panel to protect this directory, a different vulnerability than CVE-2005-2568." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33128", + "refsource": "OSVDB", + "url": "http://osvdb.org/33128" + }, + { + "name": "20070207 Ability to inject and execute any code as root in SysCP", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459397/100/0/threaded" + }, + { + "name": "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP", + "refsource": "CONFIRM", + "url": "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP" + }, + { + "name": "24102", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24102" + }, + { + "name": "22453", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22453" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1000.json b/2007/1xxx/CVE-2007-1000.json index c0a70fa445d..5b639f69209 100644 --- a/2007/1xxx/CVE-2007-1000.json +++ b/2007/1xxx/CVE-2007-1000.json @@ -1,187 +1,187 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1000", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-1000", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070615 rPSA-2007-0124-1 kernel xen", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/471457" - }, - { - "name" : "http://www.wslabi.com/wabisabilabi/initPublishedBid.do?", - "refsource" : "MISC", - "url" : "http://www.wslabi.com/wabisabilabi/initPublishedBid.do?" - }, - { - "name" : "http://bugzilla.kernel.org/show_bug.cgi?id=8134", - "refsource" : "CONFIRM", - "url" : "http://bugzilla.kernel.org/show_bug.cgi?id=8134" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.2", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.2" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1153", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1153" - }, - { - "name" : "FEDORA-2007-335", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2787" - }, - { - "name" : "FEDORA-2007-336", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2788" - }, - { - "name" : "MDKSA-2007:078", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:078" - }, - { - "name" : "RHSA-2007:0169", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0169.html" - }, - { - "name" : "SUSE-SA:2007:029", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html" - }, - { - "name" : "USN-486-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-486-1" - }, - { - "name" : "USN-489-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-489-1" - }, - { - "name" : "VU#920689", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/920689" - }, - { - "name" : "22904", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22904" - }, - { - "name" : "oval:org.mitre.oval:def:10015", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10015" - }, - { - "name" : "ADV-2007-0907", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0907" - }, - { - "name" : "33025", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33025" - }, - { - "name" : "24518", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24518" - }, - { - "name" : "24777", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24777" - }, - { - "name" : "24901", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24901" - }, - { - "name" : "25080", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25080" - }, - { - "name" : "25099", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25099" - }, - { - "name" : "25691", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25691" - }, - { - "name" : "24493", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24493" - }, - { - "name" : "26133", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26133" - }, - { - "name" : "26139", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26139" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22904", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22904" + }, + { + "name": "oval:org.mitre.oval:def:10015", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10015" + }, + { + "name": "VU#920689", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/920689" + }, + { + "name": "24901", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24901" + }, + { + "name": "MDKSA-2007:078", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:078" + }, + { + "name": "http://bugzilla.kernel.org/show_bug.cgi?id=8134", + "refsource": "CONFIRM", + "url": "http://bugzilla.kernel.org/show_bug.cgi?id=8134" + }, + { + "name": "24777", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24777" + }, + { + "name": "SUSE-SA:2007:029", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1153", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1153" + }, + { + "name": "http://www.wslabi.com/wabisabilabi/initPublishedBid.do?", + "refsource": "MISC", + "url": "http://www.wslabi.com/wabisabilabi/initPublishedBid.do?" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.2", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.2" + }, + { + "name": "USN-489-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-489-1" + }, + { + "name": "24518", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24518" + }, + { + "name": "ADV-2007-0907", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0907" + }, + { + "name": "25099", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25099" + }, + { + "name": "20070615 rPSA-2007-0124-1 kernel xen", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/471457" + }, + { + "name": "FEDORA-2007-335", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2787" + }, + { + "name": "RHSA-2007:0169", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0169.html" + }, + { + "name": "25080", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25080" + }, + { + "name": "33025", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33025" + }, + { + "name": "24493", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24493" + }, + { + "name": "FEDORA-2007-336", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2788" + }, + { + "name": "USN-486-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-486-1" + }, + { + "name": "25691", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25691" + }, + { + "name": "26139", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26139" + }, + { + "name": "26133", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26133" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1289.json b/2007/1xxx/CVE-2007-1289.json index 127b4396ef4..c08f2350ab4 100644 --- a/2007/1xxx/CVE-2007-1289.json +++ b/2007/1xxx/CVE-2007-1289.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1289", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in ViewBugs.php in Tyger Bug Tracking System (TygerBT) 1.1.3 allows remote attackers to execute arbitrary SQL commands via the s parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1289", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070303 Tyger Bug Tracking System Multiple Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461801/100/0/threaded" - }, - { - "name" : "22799", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22799" - }, - { - "name" : "ADV-2007-0822", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0822" - }, - { - "name" : "35817", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35817" - }, - { - "name" : "24385", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24385" - }, - { - "name" : "2356", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2356" - }, - { - "name" : "tyger-viewbugs-sql-injection(32791)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32791" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in ViewBugs.php in Tyger Bug Tracking System (TygerBT) 1.1.3 allows remote attackers to execute arbitrary SQL commands via the s parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "tyger-viewbugs-sql-injection(32791)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32791" + }, + { + "name": "2356", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2356" + }, + { + "name": "35817", + "refsource": "OSVDB", + "url": "http://osvdb.org/35817" + }, + { + "name": "20070303 Tyger Bug Tracking System Multiple Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461801/100/0/threaded" + }, + { + "name": "24385", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24385" + }, + { + "name": "22799", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22799" + }, + { + "name": "ADV-2007-0822", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0822" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1577.json b/2007/1xxx/CVE-2007-1577.json index 9597dbcffa8..8811497cc01 100644 --- a/2007/1xxx/CVE-2007-1577.json +++ b/2007/1xxx/CVE-2007-1577.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1577", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in index.php in GeBlog 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[tplname] parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1577", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3522", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3522" - }, - { - "name" : "23052", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23052" - }, - { - "name" : "33776", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33776" - }, - { - "name" : "geblog-index-file-include(33089)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33089" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in index.php in GeBlog 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[tplname] parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3522", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3522" + }, + { + "name": "geblog-index-file-include(33089)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33089" + }, + { + "name": "33776", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33776" + }, + { + "name": "23052", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23052" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1603.json b/2007/1xxx/CVE-2007-1603.json index 0817c093746..f3a431722eb 100644 --- a/2007/1xxx/CVE-2007-1603.json +++ b/2007/1xxx/CVE-2007-1603.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1603", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "admin/contest.php in Weekly Drawing Contest 0.0.1 allows remote attackers to bypass authentication, and insert new contest information into a database, via a direct POST request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1603", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070313 Re: Weekly Drawing Contest <= (check_vote.php) Remote File Disclosure Vuln", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462702/100/100/threaded" - }, - { - "name" : "2453", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2453" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "admin/contest.php in Weekly Drawing Contest 0.0.1 allows remote attackers to bypass authentication, and insert new contest information into a database, via a direct POST request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070313 Re: Weekly Drawing Contest <= (check_vote.php) Remote File Disclosure Vuln", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462702/100/100/threaded" + }, + { + "name": "2453", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2453" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1710.json b/2007/1xxx/CVE-2007-1710.json index e04b98c2895..2c5ed231d98 100644 --- a/2007/1xxx/CVE-2007-1710.json +++ b/2007/1xxx/CVE-2007-1710.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1710", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a \"php://../../\" sequence." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1710", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3573", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3573" - }, - { - "name" : "HPSBMA02215", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" - }, - { - "name" : "SSRT071423", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" - }, - { - "name" : "HPSBTU02232", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" - }, - { - "name" : "SSRT071429", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" - }, - { - "name" : "ADV-2007-1991", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1991" - }, - { - "name" : "ADV-2007-2374", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2374" - }, - { - "name" : "25423", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25423" - }, - { - "name" : "25850", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25850" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a \"php://../../\" sequence." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1991", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1991" + }, + { + "name": "SSRT071423", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" + }, + { + "name": "HPSBTU02232", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" + }, + { + "name": "SSRT071429", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137" + }, + { + "name": "ADV-2007-2374", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2374" + }, + { + "name": "25423", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25423" + }, + { + "name": "HPSBMA02215", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506" + }, + { + "name": "25850", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25850" + }, + { + "name": "3573", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3573" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1959.json b/2007/1xxx/CVE-2007-1959.json index 241e7ff26f4..f1178cbde6f 100644 --- a/2007/1xxx/CVE-2007-1959.json +++ b/2007/1xxx/CVE-2007-1959.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1959", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vectors, related to lack of the \"'other half' of buffer overflow protection.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1959", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.tinymux.org/changes.txt", - "refsource" : "CONFIRM", - "url" : "http://www.tinymux.org/changes.txt" - }, - { - "name" : "ADV-2007-1213", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1213" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vectors, related to lack of the \"'other half' of buffer overflow protection.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1213", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1213" + }, + { + "name": "http://www.tinymux.org/changes.txt", + "refsource": "CONFIRM", + "url": "http://www.tinymux.org/changes.txt" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4799.json b/2007/4xxx/CVE-2007-4799.json index 254b2517c3d..b970896f43c 100644 --- a/2007/4xxx/CVE-2007-4799.json +++ b/2007/4xxx/CVE-2007-4799.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4799", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when processing a SET call, which allows local users to cause a denial of service (system hang or crash) via unspecified SET operations." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4799", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3850", - "refsource" : "CONFIRM", - "url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3850" - }, - { - "name" : "IY97309", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1IY97309" - }, - { - "name" : "25554", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25554" - }, - { - "name" : "ADV-2007-3059", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3059" - }, - { - "name" : "40392", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40392" - }, - { - "name" : "26715", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26715" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when processing a SET call, which allows local users to cause a denial of service (system hang or crash) via unspecified SET operations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26715", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26715" + }, + { + "name": "ADV-2007-3059", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3059" + }, + { + "name": "40392", + "refsource": "OSVDB", + "url": "http://osvdb.org/40392" + }, + { + "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3850", + "refsource": "CONFIRM", + "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3850" + }, + { + "name": "IY97309", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY97309" + }, + { + "name": "25554", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25554" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4951.json b/2007/4xxx/CVE-2007-4951.json index 745e6097880..dbecd19aa72 100644 --- a/2007/4xxx/CVE-2007-4951.json +++ b/2007/4xxx/CVE-2007-4951.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4951", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** PHP remote file inclusion vulnerability in sample.php in YaPiG 0.95b allows remote attackers to execute arbitrary PHP code via a URL in the YAPIG_PATH parameter. NOTE: this issue has been disputed by CVE, since YAPIG_PATH is defined before use." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4951", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://arfis.wordpress.com/2007/09/14/rfi-03-yapig-yet-another-php-image-gallery/", - "refsource" : "MISC", - "url" : "http://arfis.wordpress.com/2007/09/14/rfi-03-yapig-yet-another-php-image-gallery/" - }, - { - "name" : "42519", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42519" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** PHP remote file inclusion vulnerability in sample.php in YaPiG 0.95b allows remote attackers to execute arbitrary PHP code via a URL in the YAPIG_PATH parameter. NOTE: this issue has been disputed by CVE, since YAPIG_PATH is defined before use." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42519", + "refsource": "OSVDB", + "url": "http://osvdb.org/42519" + }, + { + "name": "http://arfis.wordpress.com/2007/09/14/rfi-03-yapig-yet-another-php-image-gallery/", + "refsource": "MISC", + "url": "http://arfis.wordpress.com/2007/09/14/rfi-03-yapig-yet-another-php-image-gallery/" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5658.json b/2007/5xxx/CVE-2007-5658.json index df13084cd2b..9553de3c717 100644 --- a/2007/5xxx/CVE-2007-5658.json +++ b/2007/5xxx/CVE-2007-5658.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5658", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5658", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080115 TIBCO SmartSockets RTserver Heap Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638" - }, - { - "name" : "http://www.tibco.com/mk/advisory.jsp", - "refsource" : "CONFIRM", - "url" : "http://www.tibco.com/mk/advisory.jsp" - }, - { - "name" : "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt", - "refsource" : "CONFIRM", - "url" : "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt" - }, - { - "name" : "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt", - "refsource" : "CONFIRM", - "url" : "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt" - }, - { - "name" : "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt", - "refsource" : "CONFIRM", - "url" : "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt" - }, - { - "name" : "27294", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27294" - }, - { - "name" : "ADV-2008-0173", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0173" - }, - { - "name" : "1019193", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019193" - }, - { - "name" : "28490", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28490" - }, - { - "name" : "tibco-rtserver-bo(39703)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39703" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27294", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27294" + }, + { + "name": "tibco-rtserver-bo(39703)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39703" + }, + { + "name": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt", + "refsource": "CONFIRM", + "url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt" + }, + { + "name": "20080115 TIBCO SmartSockets RTserver Heap Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638" + }, + { + "name": "28490", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28490" + }, + { + "name": "1019193", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019193" + }, + { + "name": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt", + "refsource": "CONFIRM", + "url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt" + }, + { + "name": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt", + "refsource": "CONFIRM", + "url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt" + }, + { + "name": "http://www.tibco.com/mk/advisory.jsp", + "refsource": "CONFIRM", + "url": "http://www.tibco.com/mk/advisory.jsp" + }, + { + "name": "ADV-2008-0173", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0173" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5845.json b/2007/5xxx/CVE-2007-5845.json index 25444826b83..428407c6118 100644 --- a/2007/5xxx/CVE-2007-5845.json +++ b/2007/5xxx/CVE-2007-5845.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5845", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in error.php in GuppY 4.6.3, 4.5.16, and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter. NOTE: this can be leveraged to bypass authentication and upload arbitrary files by including admin/inc/upload.inc and specifying certain multipart/form-data input for admin/inc/upload.inc." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5845", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3221", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3221" - }, - { - "name" : "4602", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4602" - }, - { - "name" : "http://retrogod.altervista.org/guppy_4516_cmd.html", - "refsource" : "MISC", - "url" : "http://retrogod.altervista.org/guppy_4516_cmd.html" - }, - { - "name" : "38492", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38492" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in error.php in GuppY 4.6.3, 4.5.16, and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the id parameter. NOTE: this can be leveraged to bypass authentication and upload arbitrary files by including admin/inc/upload.inc and specifying certain multipart/form-data input for admin/inc/upload.inc." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38492", + "refsource": "OSVDB", + "url": "http://osvdb.org/38492" + }, + { + "name": "http://retrogod.altervista.org/guppy_4516_cmd.html", + "refsource": "MISC", + "url": "http://retrogod.altervista.org/guppy_4516_cmd.html" + }, + { + "name": "3221", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3221" + }, + { + "name": "4602", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4602" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5872.json b/2007/5xxx/CVE-2007-5872.json index ddfd368c50a..68f7f8a25fb 100644 --- a/2007/5xxx/CVE-2007-5872.json +++ b/2007/5xxx/CVE-2007-5872.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5872", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5872", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3408.json b/2015/3xxx/CVE-2015-3408.json index b9605130679..d61df8b8648 100644 --- a/2015/3xxx/CVE-2015-3408.json +++ b/2015/3xxx/CVE-2015-3408.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3408", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Module::Signature before 0.74 allows remote attackers to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3408", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150406 CVE request: Module::Signature before 0.75 - multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/04/07/1" - }, - { - "name" : "[oss-security] 20150423 Re: CVE request: Module::Signature before 0.75 - multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/04/23/17" - }, - { - "name" : "https://github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f", - "refsource" : "CONFIRM", - "url" : "https://github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f" - }, - { - "name" : "https://metacpan.org/changes/distribution/Module-Signature", - "refsource" : "CONFIRM", - "url" : "https://metacpan.org/changes/distribution/Module-Signature" - }, - { - "name" : "DSA-3261", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3261" - }, - { - "name" : "USN-2607-1", - "refsource" : "UBUNTU", - "url" : "http://ubuntu.com/usn/usn-2607-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Module::Signature before 0.74 allows remote attackers to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://metacpan.org/changes/distribution/Module-Signature", + "refsource": "CONFIRM", + "url": "https://metacpan.org/changes/distribution/Module-Signature" + }, + { + "name": "DSA-3261", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3261" + }, + { + "name": "[oss-security] 20150406 CVE request: Module::Signature before 0.75 - multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/04/07/1" + }, + { + "name": "https://github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f", + "refsource": "CONFIRM", + "url": "https://github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5aa1c7d1c7bc85372f" + }, + { + "name": "[oss-security] 20150423 Re: CVE request: Module::Signature before 0.75 - multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/04/23/17" + }, + { + "name": "USN-2607-1", + "refsource": "UBUNTU", + "url": "http://ubuntu.com/usn/usn-2607-1" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3690.json b/2015/3xxx/CVE-2015-3690.json index 5e08dd50f0e..34982097703 100644 --- a/2015/3xxx/CVE-2015-3690.json +++ b/2015/3xxx/CVE-2015-3690.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3690", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3690", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT204941", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204941" - }, - { - "name" : "http://support.apple.com/kb/HT204942", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204942" - }, - { - "name" : "APPLE-SA-2015-06-30-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-06-30-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" - }, - { - "name" : "75491", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75491" - }, - { - "name" : "1032760", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032760" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The DiskImages subsystem in Apple iOS before 8.4 and OS X before 10.10.4 allows attackers to obtain sensitive memory-layout information for the kernel via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "75491", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75491" + }, + { + "name": "http://support.apple.com/kb/HT204941", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204941" + }, + { + "name": "APPLE-SA-2015-06-30-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" + }, + { + "name": "1032760", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032760" + }, + { + "name": "http://support.apple.com/kb/HT204942", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204942" + }, + { + "name": "APPLE-SA-2015-06-30-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3820.json b/2015/3xxx/CVE-2015-3820.json index 0a38e881866..155ca64ee8c 100644 --- a/2015/3xxx/CVE-2015-3820.json +++ b/2015/3xxx/CVE-2015-3820.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3820", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3820", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3922.json b/2015/3xxx/CVE-2015-3922.json index ebbe1e08800..60ae1bd087e 100644 --- a/2015/3xxx/CVE-2015-3922.json +++ b/2015/3xxx/CVE-2015-3922.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3922", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Open redirect vulnerability in mode.php in Coppermine Photo Gallery before 1.5.36 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3922", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html" - }, - { - "name" : "http://forum.coppermine-gallery.net/index.php/topic,78194.0.html", - "refsource" : "CONFIRM", - "url" : "http://forum.coppermine-gallery.net/index.php/topic,78194.0.html" - }, - { - "name" : "74869", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74869" - }, - { - "name" : "1032558", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032558" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Open redirect vulnerability in mode.php in Coppermine Photo Gallery before 1.5.36 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/132004/Coppermine-Gallery-1.5.34-XSS-Open-Redirection.html" + }, + { + "name": "74869", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74869" + }, + { + "name": "1032558", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032558" + }, + { + "name": "http://forum.coppermine-gallery.net/index.php/topic,78194.0.html", + "refsource": "CONFIRM", + "url": "http://forum.coppermine-gallery.net/index.php/topic,78194.0.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6162.json b/2015/6xxx/CVE-2015-6162.json index 429edb27347..f3e40df9efa 100644 --- a/2015/6xxx/CVE-2015-6162.json +++ b/2015/6xxx/CVE-2015-6162.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6162", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6152." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6162", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-124", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124" - }, - { - "name" : "1034315", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034315" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6152." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034315", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034315" + }, + { + "name": "MS15-124", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6540.json b/2015/6xxx/CVE-2015-6540.json index ae4ef869298..b02339173a2 100644 --- a/2015/6xxx/CVE-2015-6540.json +++ b/2015/6xxx/CVE-2015-6540.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6540", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Intellect Design Arena Intellect Core banking software." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6540", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151209 XSS vulnerability in Intellect Core banking software - Polaris", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537068/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/134767/Intellect-Core-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134767/Intellect-Core-Cross-Site-Scripting.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Intellect Design Arena Intellect Core banking software." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/134767/Intellect-Core-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134767/Intellect-Core-Cross-Site-Scripting.html" + }, + { + "name": "20151209 XSS vulnerability in Intellect Core banking software - Polaris", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537068/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6840.json b/2015/6xxx/CVE-2015-6840.json index df889c13751..8a5ab6878eb 100644 --- a/2015/6xxx/CVE-2015-6840.json +++ b/2015/6xxx/CVE-2015-6840.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6840", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6840", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7004.json b/2015/7xxx/CVE-2015-7004.json index b25e6414a7e..eacef2f40fd 100644 --- a/2015/7xxx/CVE-2015-7004.json +++ b/2015/7xxx/CVE-2015-7004.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7004", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Apple iOS before 9.1 allows attackers to cause a denial of service via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7004", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205370", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205370" - }, - { - "name" : "APPLE-SA-2015-10-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" - }, - { - "name" : "77268", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77268" - }, - { - "name" : "1033929", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033929" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Apple iOS before 9.1 allows attackers to cause a denial of service via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-10-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" + }, + { + "name": "https://support.apple.com/HT205370", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205370" + }, + { + "name": "1033929", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033929" + }, + { + "name": "77268", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77268" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7106.json b/2015/7xxx/CVE-2015-7106.json index 9b8d6e9e7c2..51b2177f005 100644 --- a/2015/7xxx/CVE-2015-7106.json +++ b/2015/7xxx/CVE-2015-7106.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7106", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7106", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39369", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39369/" - }, - { - "name" : "https://support.apple.com/HT205637", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205637" - }, - { - "name" : "APPLE-SA-2015-12-08-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" - }, - { - "name" : "1034344", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205637", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205637" + }, + { + "name": "1034344", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034344" + }, + { + "name": "39369", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39369/" + }, + { + "name": "APPLE-SA-2015-12-08-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7542.json b/2015/7xxx/CVE-2015-7542.json index 794e5693b3c..0dd0bcb3e38 100644 --- a/2015/7xxx/CVE-2015-7542.json +++ b/2015/7xxx/CVE-2015-7542.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7542", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7542", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7590.json b/2015/7xxx/CVE-2015-7590.json index cb7ad787c7b..37f61faab5a 100644 --- a/2015/7xxx/CVE-2015-7590.json +++ b/2015/7xxx/CVE-2015-7590.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7590", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7590", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8218.json b/2015/8xxx/CVE-2015-8218.json index d4269d301b7..d7ad1b4df90 100644 --- a/2015/8xxx/CVE-2015-8218.json +++ b/2015/8xxx/CVE-2015-8218.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8218", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted CCITT FAX data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8218", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=d4a731b84a08f0f3839eaaaf82e97d8d9c67da46", - "refsource" : "CONFIRM", - "url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=d4a731b84a08f0f3839eaaaf82e97d8d9c67da46" - }, - { - "name" : "openSUSE-SU-2015:2120", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-11/msg00146.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted CCITT FAX data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:2120", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00146.html" + }, + { + "name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=d4a731b84a08f0f3839eaaaf82e97d8d9c67da46", + "refsource": "CONFIRM", + "url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=d4a731b84a08f0f3839eaaaf82e97d8d9c67da46" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0176.json b/2016/0xxx/CVE-2016-0176.json index 2959a3dddf2..d53b560c0e0 100644 --- a/2016/0xxx/CVE-2016-0176.json +++ b/2016/0xxx/CVE-2016-0176.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0176", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "dxgkrnl.sys in the DirectX Graphics kernel subsystem in the kernel-mode drivers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka \"Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0176", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-284", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-284" - }, - { - "name" : "MS16-062", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-062" - }, - { - "name" : "90052", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90052" - }, - { - "name" : "1035841", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035841" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "dxgkrnl.sys in the DirectX Graphics kernel subsystem in the kernel-mode drivers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka \"Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035841", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035841" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-284", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-284" + }, + { + "name": "MS16-062", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-062" + }, + { + "name": "90052", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90052" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0329.json b/2016/0xxx/CVE-2016-0329.json index c25c0d1c7fb..1fb3bbde049 100644 --- a/2016/0xxx/CVE-2016-0329.json +++ b/2016/0xxx/CVE-2016-0329.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0329", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Open redirect vulnerability in IBM Emptoris Sourcing 10.0.0.x before 10.0.0.1_iFix3, 10.0.1.x before 10.0.1.3_iFix3, 10.0.2.x before 10.0.2.8_iFix1, 10.0.4.0 before 10.0.4.0_iFix8, and 10.1.0.0 before 10.1.0.0_iFix3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 111692." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0329", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21982629", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21982629" - }, - { - "name" : "ibm-emptoris-cve20160329-url-redirect(111692)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/111692" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Open redirect vulnerability in IBM Emptoris Sourcing 10.0.0.x before 10.0.0.1_iFix3, 10.0.1.x before 10.0.1.3_iFix3, 10.0.2.x before 10.0.2.8_iFix1, 10.0.4.0 before 10.0.4.0_iFix8, and 10.1.0.0 before 10.1.0.0_iFix3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 111692." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ibm-emptoris-cve20160329-url-redirect(111692)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/111692" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21982629", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982629" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0546.json b/2016/0xxx/CVE-2016-0546.json index 5be357720b6..b4b7b280162 100644 --- a/2016/0xxx/CVE-2016-0546.json +++ b/2016/0xxx/CVE-2016-0546.json @@ -1,187 +1,187 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0546", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0546", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mdb-10023-rn/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mdb-10023-rn/" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1301493", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1301493" - }, - { - "name" : "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html", - "refsource" : "CONFIRM", - "url" : "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html" - }, - { - "name" : "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html", - "refsource" : "CONFIRM", - "url" : "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html" - }, - { - "name" : "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", - "refsource" : "CONFIRM", - "url" : "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "DSA-3453", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3453" - }, - { - "name" : "DSA-3459", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3459" - }, - { - "name" : "RHSA-2016:0534", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0534.html" - }, - { - "name" : "RHSA-2016:0705", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0705.html" - }, - { - "name" : "RHSA-2016:1132", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1132" - }, - { - "name" : "RHSA-2016:1480", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html" - }, - { - "name" : "RHSA-2016:1481", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1481.html" - }, - { - "name" : "openSUSE-SU-2016:0367", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html" - }, - { - "name" : "openSUSE-SU-2016:1686", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html" - }, - { - "name" : "SUSE-SU-2016:1619", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html" - }, - { - "name" : "SUSE-SU-2016:1620", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html" - }, - { - "name" : "openSUSE-SU-2016:1664", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html" - }, - { - "name" : "openSUSE-SU-2016:0377", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html" - }, - { - "name" : "USN-2881-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2881-1" - }, - { - "name" : "81066", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81066" - }, - { - "name" : "1034708", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034708" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1620", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html" + }, + { + "name": "RHSA-2016:1481", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1481.html" + }, + { + "name": "openSUSE-SU-2016:0367", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html" + }, + { + "name": "RHSA-2016:1132", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1132" + }, + { + "name": "DSA-3459", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3459" + }, + { + "name": "1034708", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034708" + }, + { + "name": "RHSA-2016:0534", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0534.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "SUSE-SU-2016:1619", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "RHSA-2016:1480", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html" + }, + { + "name": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f", + "refsource": "CONFIRM", + "url": "https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f" + }, + { + "name": "openSUSE-SU-2016:1664", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "81066", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81066" + }, + { + "name": "https://mariadb.com/kb/en/mdb-10023-rn/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mdb-10023-rn/" + }, + { + "name": "USN-2881-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2881-1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1301493", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301493" + }, + { + "name": "openSUSE-SU-2016:0377", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html" + }, + { + "name": "DSA-3453", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3453" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/" + }, + { + "name": "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html", + "refsource": "CONFIRM", + "url": "https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html" + }, + { + "name": "openSUSE-SU-2016:1686", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/" + }, + { + "name": "RHSA-2016:0705", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html" + }, + { + "name": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html", + "refsource": "CONFIRM", + "url": "https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0740.json b/2016/0xxx/CVE-2016-0740.json index 97154b20ae7..fc118751153 100644 --- a/2016/0xxx/CVE-2016-0740.json +++ b/2016/0xxx/CVE-2016-0740.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0740", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0740", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst", - "refsource" : "CONFIRM", - "url" : "https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst" - }, - { - "name" : "https://github.com/python-pillow/Pillow/commit/6dcbf5bd96b717c58d7b642949da8d323099928e", - "refsource" : "CONFIRM", - "url" : "https://github.com/python-pillow/Pillow/commit/6dcbf5bd96b717c58d7b642949da8d323099928e" - }, - { - "name" : "DSA-3499", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3499" - }, - { - "name" : "GLSA-201612-52", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-52" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201612-52", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-52" + }, + { + "name": "DSA-3499", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3499" + }, + { + "name": "https://github.com/python-pillow/Pillow/commit/6dcbf5bd96b717c58d7b642949da8d323099928e", + "refsource": "CONFIRM", + "url": "https://github.com/python-pillow/Pillow/commit/6dcbf5bd96b717c58d7b642949da8d323099928e" + }, + { + "name": "https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst", + "refsource": "CONFIRM", + "url": "https://github.com/python-pillow/Pillow/blob/c3cb690fed5d4bf0c45576759de55d054916c165/CHANGES.rst" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0741.json b/2016/0xxx/CVE-2016-0741.json index 064096ce9e2..e67afb9c7bb 100644 --- a/2016/0xxx/CVE-2016-0741.json +++ b/2016/0xxx/CVE-2016-0741.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0741", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0741", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-4-7.html", - "refsource" : "CONFIRM", - "url" : "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-4-7.html" - }, - { - "name" : "https://fedorahosted.org/389/changeset/cd45d032421b0ecf76d8cbb9b1c3aeef7680d9a2/", - "refsource" : "CONFIRM", - "url" : "https://fedorahosted.org/389/changeset/cd45d032421b0ecf76d8cbb9b1c3aeef7680d9a2/" - }, - { - "name" : "https://fedorahosted.org/389/ticket/48412", - "refsource" : "CONFIRM", - "url" : "https://fedorahosted.org/389/ticket/48412" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "RHSA-2016:0204", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0204.html" - }, - { - "name" : "82343", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/82343" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "slapd/connection.c in 389 Directory Server (formerly Fedora Directory Server) 1.3.4.x before 1.3.4.7 allows remote attackers to cause a denial of service (infinite loop and connection blocking) by leveraging an abnormally closed connection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://fedorahosted.org/389/ticket/48412", + "refsource": "CONFIRM", + "url": "https://fedorahosted.org/389/ticket/48412" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "https://fedorahosted.org/389/changeset/cd45d032421b0ecf76d8cbb9b1c3aeef7680d9a2/", + "refsource": "CONFIRM", + "url": "https://fedorahosted.org/389/changeset/cd45d032421b0ecf76d8cbb9b1c3aeef7680d9a2/" + }, + { + "name": "RHSA-2016:0204", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0204.html" + }, + { + "name": "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-4-7.html", + "refsource": "CONFIRM", + "url": "http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-4-7.html" + }, + { + "name": "82343", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/82343" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0768.json b/2016/0xxx/CVE-2016-0768.json index ffa988cf4cc..21b3a2cffe1 100644 --- a/2016/0xxx/CVE-2016-0768.json +++ b/2016/0xxx/CVE-2016-0768.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0768", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PostgreSQL PL/Java after 9.0 does not honor access controls on large objects." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0768", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://tada.github.io/pljava/releasenotes.html", - "refsource" : "CONFIRM", - "url" : "https://tada.github.io/pljava/releasenotes.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PostgreSQL PL/Java after 9.0 does not honor access controls on large objects." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://tada.github.io/pljava/releasenotes.html", + "refsource": "CONFIRM", + "url": "https://tada.github.io/pljava/releasenotes.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1100.json b/2016/1xxx/CVE-2016-1100.json index 1cf5382109f..af0df457f43 100644 --- a/2016/1xxx/CVE-2016-1100.json +++ b/2016/1xxx/CVE-2016-1100.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1100", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1100", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" - }, - { - "name" : "MS16-064", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064" - }, - { - "name" : "RHSA-2016:1079", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1079.html" - }, - { - "name" : "SUSE-SU-2016:1305", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" - }, - { - "name" : "90618", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90618" - }, - { - "name" : "1035827", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035827" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1305", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" + }, + { + "name": "90618", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90618" + }, + { + "name": "1035827", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035827" + }, + { + "name": "MS16-064", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" + }, + { + "name": "RHSA-2016:1079", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1181.json b/2016/1xxx/CVE-2016-1181.json index b71afc560e5..eacc6de6ac5 100644 --- a/2016/1xxx/CVE-2016-1181.json +++ b/2016/1xxx/CVE-2016-1181.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1181", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1181", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343538", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343538" - }, - { - "name" : "https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8", - "refsource" : "CONFIRM", - "url" : "https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8" - }, - { - "name" : "https://security-tracker.debian.org/tracker/CVE-2016-1181", - "refsource" : "CONFIRM", - "url" : "https://security-tracker.debian.org/tracker/CVE-2016-1181" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180629-0006/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180629-0006/" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" - }, - { - "name" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource" : "CONFIRM", - "url" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, - { - "name" : "JVN#03188560", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN03188560/index.html" - }, - { - "name" : "JVNDB-2016-000096", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000096" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "91068", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91068" - }, - { - "name" : "1036056", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036056" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000096", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000096" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180629-0006/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180629-0006/" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8", + "refsource": "CONFIRM", + "url": "https://github.com/kawasima/struts1-forever/commit/eda3a79907ed8fcb0387a0496d0cb14332f250e8" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343538", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343538" + }, + { + "name": "91068", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91068" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" + }, + { + "name": "1036056", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036056" + }, + { + "name": "JVN#03188560", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN03188560/index.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "https://security-tracker.debian.org/tracker/CVE-2016-1181", + "refsource": "CONFIRM", + "url": "https://security-tracker.debian.org/tracker/CVE-2016-1181" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1202.json b/2016/1xxx/CVE-2016-1202.json index 110c032e7e6..f6880c1b80f 100644 --- a/2016/1xxx/CVE-2016-1202.json +++ b/2016/1xxx/CVE-2016-1202.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1202", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in Atom Electron before 0.33.5 allows local users to gain privileges via a Trojan horse Node.js module in a parent directory of a directory named on a require line." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1202", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/electron/electron/commit/9a2e2b365d061ec10cd861391fd5b1344af7194d", - "refsource" : "CONFIRM", - "url" : "https://github.com/electron/electron/commit/9a2e2b365d061ec10cd861391fd5b1344af7194d" - }, - { - "name" : "https://github.com/electron/electron/pull/2976", - "refsource" : "CONFIRM", - "url" : "https://github.com/electron/electron/pull/2976" - }, - { - "name" : "JVN#00324715", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN00324715/index.html" - }, - { - "name" : "JVNDB-2016-000054", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000054" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in Atom Electron before 0.33.5 allows local users to gain privileges via a Trojan horse Node.js module in a parent directory of a directory named on a require line." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/electron/electron/commit/9a2e2b365d061ec10cd861391fd5b1344af7194d", + "refsource": "CONFIRM", + "url": "https://github.com/electron/electron/commit/9a2e2b365d061ec10cd861391fd5b1344af7194d" + }, + { + "name": "JVNDB-2016-000054", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000054" + }, + { + "name": "https://github.com/electron/electron/pull/2976", + "refsource": "CONFIRM", + "url": "https://github.com/electron/electron/pull/2976" + }, + { + "name": "JVN#00324715", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN00324715/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1475.json b/2016/1xxx/CVE-2016-1475.json index 20a2c729ae7..0e8c12b46fc 100644 --- a/2016/1xxx/CVE-2016-1475.json +++ b/2016/1xxx/CVE-2016-1475.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1475", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1475", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1499.json b/2016/1xxx/CVE-2016-1499.json index fe228d49547..08ff2b07b38 100644 --- a/2016/1xxx/CVE-2016-1499.json +++ b/2016/1xxx/CVE-2016-1499.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1499", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to index.php/apps/files/ajax/scan.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1499", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160219 [SYSS-2015-062] ownCloud - Information Exposure Through Directory Listing (CWE-548)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537556/100/0/threaded" - }, - { - "name" : "20160107 [SYSS-2015-062] ownCloud Information Exposure Through Directory Listing (CVE-2016-1499)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537244/100/0/threaded" - }, - { - "name" : "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2015-062.txt", - "refsource" : "MISC", - "url" : "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2015-062.txt" - }, - { - "name" : "http://packetstormsecurity.com/files/135158/ownCloud-8.2.1-8.1.4-8.0.9-Information-Exposure.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/135158/ownCloud-8.2.1-8.1.4-8.0.9-Information-Exposure.html" - }, - { - "name" : "https://owncloud.org/security/advisory/?id=oc-sa-2016-002", - "refsource" : "CONFIRM", - "url" : "https://owncloud.org/security/advisory/?id=oc-sa-2016-002" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to index.php/apps/files/ajax/scan.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160107 [SYSS-2015-062] ownCloud Information Exposure Through Directory Listing (CVE-2016-1499)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537244/100/0/threaded" + }, + { + "name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2015-062.txt", + "refsource": "MISC", + "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2015-062.txt" + }, + { + "name": "http://packetstormsecurity.com/files/135158/ownCloud-8.2.1-8.1.4-8.0.9-Information-Exposure.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/135158/ownCloud-8.2.1-8.1.4-8.0.9-Information-Exposure.html" + }, + { + "name": "20160219 [SYSS-2015-062] ownCloud - Information Exposure Through Directory Listing (CWE-548)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537556/100/0/threaded" + }, + { + "name": "https://owncloud.org/security/advisory/?id=oc-sa-2016-002", + "refsource": "CONFIRM", + "url": "https://owncloud.org/security/advisory/?id=oc-sa-2016-002" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4319.json b/2016/4xxx/CVE-2016-4319.json index 5fa48507432..e54900f37e7 100644 --- a/2016/4xxx/CVE-2016-4319.json +++ b/2016/4xxx/CVE-2016-4319.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-4319", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Atlassian JIRA Server before 7.1.9", - "version" : { - "version_data" : [ - { - "version_value" : "Atlassian JIRA Server before 7.1.9" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CSRF" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-4319", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Atlassian JIRA Server before 7.1.9", + "version": { + "version_data": [ + { + "version_value": "Atlassian JIRA Server before 7.1.9" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://jira.atlassian.com/browse/JRASERVER-61803", - "refsource" : "MISC", - "url" : "https://jira.atlassian.com/browse/JRASERVER-61803" - }, - { - "name" : "https://jira.atlassian.com/browse/JRA-61803", - "refsource" : "MISC", - "url" : "https://jira.atlassian.com/browse/JRA-61803" - }, - { - "name" : "https://confluence.atlassian.com/jiracore/jira-core-7-1-x-release-notes-802161668.html#JIRACore7.1.xreleasenotes-v7.1.9v7.1.9-06July2016", - "refsource" : "CONFIRM", - "url" : "https://confluence.atlassian.com/jiracore/jira-core-7-1-x-release-notes-802161668.html#JIRACore7.1.xreleasenotes-v7.1.9v7.1.9-06July2016" - }, - { - "name" : "https://jira.atlassian.com/secure/ReleaseNote.jspa?projectId=10240&version=62034", - "refsource" : "CONFIRM", - "url" : "https://jira.atlassian.com/secure/ReleaseNote.jspa?projectId=10240&version=62034" - }, - { - "name" : "97517", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97517" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CSRF" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "97517", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97517" + }, + { + "name": "https://jira.atlassian.com/secure/ReleaseNote.jspa?projectId=10240&version=62034", + "refsource": "CONFIRM", + "url": "https://jira.atlassian.com/secure/ReleaseNote.jspa?projectId=10240&version=62034" + }, + { + "name": "https://jira.atlassian.com/browse/JRASERVER-61803", + "refsource": "MISC", + "url": "https://jira.atlassian.com/browse/JRASERVER-61803" + }, + { + "name": "https://confluence.atlassian.com/jiracore/jira-core-7-1-x-release-notes-802161668.html#JIRACore7.1.xreleasenotes-v7.1.9v7.1.9-06July2016", + "refsource": "CONFIRM", + "url": "https://confluence.atlassian.com/jiracore/jira-core-7-1-x-release-notes-802161668.html#JIRACore7.1.xreleasenotes-v7.1.9v7.1.9-06July2016" + }, + { + "name": "https://jira.atlassian.com/browse/JRA-61803", + "refsource": "MISC", + "url": "https://jira.atlassian.com/browse/JRA-61803" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5072.json b/2016/5xxx/CVE-2016-5072.json index ca3ab3ad4df..930af6c82fa 100644 --- a/2016/5xxx/CVE-2016-5072.json +++ b/2016/5xxx/CVE-2016-5072.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-5072", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "OXID eShop before 2016-06-13", - "version" : { - "version_data" : [ - { - "version_value" : "OXID eShop before 2016-06-13" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OXID eShop before 2016-06-13 allows remote attackers to execute arbitrary code via a GET or POST request to the oxuser class. Fixed versions are Enterprise Edition v5.1.12, Enterprise Edition v5.2.9, Professional Edition v4.8.12, Professional Edition v4.9.9, Community Edition v4.8.12, Community Edition v4.9.9." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "RCE" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-5072", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "OXID eShop before 2016-06-13", + "version": { + "version_data": [ + { + "version_value": "OXID eShop before 2016-06-13" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://oxidforge.org/en/security-bulletin-2016-001.html", - "refsource" : "MISC", - "url" : "https://oxidforge.org/en/security-bulletin-2016-001.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OXID eShop before 2016-06-13 allows remote attackers to execute arbitrary code via a GET or POST request to the oxuser class. Fixed versions are Enterprise Edition v5.1.12, Enterprise Edition v5.2.9, Professional Edition v4.8.12, Professional Edition v4.9.9, Community Edition v4.8.12, Community Edition v4.9.9." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "RCE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://oxidforge.org/en/security-bulletin-2016-001.html", + "refsource": "MISC", + "url": "https://oxidforge.org/en/security-bulletin-2016-001.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5235.json b/2016/5xxx/CVE-2016-5235.json index b2d22e1c368..bda6f6a931c 100644 --- a/2016/5xxx/CVE-2016-5235.json +++ b/2016/5xxx/CVE-2016-5235.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5235", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5235", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0053.json b/2019/0xxx/CVE-2019-0053.json index bdfc9bd2af4..fc7f5b2d624 100644 --- a/2019/0xxx/CVE-2019-0053.json +++ b/2019/0xxx/CVE-2019-0053.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0053", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0053", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0261.json b/2019/0xxx/CVE-2019-0261.json index dbaa24a11d5..2437bea14ea 100644 --- a/2019/0xxx/CVE-2019-0261.json +++ b/2019/0xxx/CVE-2019-0261.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2019-0261", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP HANA Extended Application Services", - "version" : { - "version_data" : [ - { - "version_name" : "<", - "version_value" : "1.0.97 to 1.0.99 (running on SAP HANA 1 or SAP HANA 2 SPS0 (second S stands for stack)" - } - ] - } - } - ] - }, - "vendor_name" : "SAP SE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication checks properly for XS advanced platform and business users. Fixed in 1.0.97 to 1.0.99 (running on SAP HANA 1 or SAP HANA 2 SPS0 (second S stands for stack))." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Authentication Check" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2019-0261", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP HANA Extended Application Services", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "1.0.97 to 1.0.99 (running on SAP HANA 1 or SAP HANA 2 SPS0 (second S stands for stack)" + } + ] + } + } + ] + }, + "vendor_name": "SAP SE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://launchpad.support.sap.com/#/notes/2742027", - "refsource" : "MISC", - "url" : "https://launchpad.support.sap.com/#/notes/2742027" - }, - { - "name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943", - "refsource" : "MISC", - "url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943" - }, - { - "name" : "106986", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106986" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication checks properly for XS advanced platform and business users. Fixed in 1.0.97 to 1.0.99 (running on SAP HANA 1 or SAP HANA 2 SPS0 (second S stands for stack))." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Authentication Check" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943", + "refsource": "MISC", + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943" + }, + { + "name": "https://launchpad.support.sap.com/#/notes/2742027", + "refsource": "MISC", + "url": "https://launchpad.support.sap.com/#/notes/2742027" + }, + { + "name": "106986", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106986" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0801.json b/2019/0xxx/CVE-2019-0801.json index 254a16255ab..11a14444135 100644 --- a/2019/0xxx/CVE-2019-0801.json +++ b/2019/0xxx/CVE-2019-0801.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0801", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0801", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0845.json b/2019/0xxx/CVE-2019-0845.json index ad41a172fac..35b75b9cd69 100644 --- a/2019/0xxx/CVE-2019-0845.json +++ b/2019/0xxx/CVE-2019-0845.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0845", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0845", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1026.json b/2019/1xxx/CVE-2019-1026.json index 9ed006e3522..8293585ae5d 100644 --- a/2019/1xxx/CVE-2019-1026.json +++ b/2019/1xxx/CVE-2019-1026.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1026", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1026", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1028.json b/2019/1xxx/CVE-2019-1028.json index 55b780e8a3d..d5d58d2bd86 100644 --- a/2019/1xxx/CVE-2019-1028.json +++ b/2019/1xxx/CVE-2019-1028.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1028", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1028", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1167.json b/2019/1xxx/CVE-2019-1167.json index 90fb76cf838..c389d5399b7 100644 --- a/2019/1xxx/CVE-2019-1167.json +++ b/2019/1xxx/CVE-2019-1167.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1167", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1167", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1503.json b/2019/1xxx/CVE-2019-1503.json index 63990527f56..bd0e78ac5e6 100644 --- a/2019/1xxx/CVE-2019-1503.json +++ b/2019/1xxx/CVE-2019-1503.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1503", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1503", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3223.json b/2019/3xxx/CVE-2019-3223.json index 27f00b595ce..968910d8273 100644 --- a/2019/3xxx/CVE-2019-3223.json +++ b/2019/3xxx/CVE-2019-3223.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3223", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3223", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3562.json b/2019/3xxx/CVE-2019-3562.json index 66de5e38721..447e85c9955 100644 --- a/2019/3xxx/CVE-2019-3562.json +++ b/2019/3xxx/CVE-2019-3562.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3562", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3562", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3587.json b/2019/3xxx/CVE-2019-3587.json index 64e15b1bd79..ce157e38214 100644 --- a/2019/3xxx/CVE-2019-3587.json +++ b/2019/3xxx/CVE-2019-3587.json @@ -1,84 +1,84 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@mcafee.com", - "ID" : "CVE-2019-3587", - "STATE" : "PUBLIC", - "TITLE" : "DLL Search Order Hijacking vulnerability" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Total Protection (MTP)", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_name" : "All", - "version_value" : "16.0.R18" - } - ] - } - } - ] - }, - "vendor_name" : "Mcafee" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Prior to 16.0.18 allows local users to execute arbitrary code via execution from a compromised folder." - } - ] - }, - "impact" : { - "cvss" : { - "attackComplexity" : "HIGH", - "attackVector" : "LOCAL", - "availabilityImpact" : "HIGH", - "baseScore" : 7.2, - "baseSeverity" : "HIGH", - "confidentialityImpact" : "HIGH", - "integrityImpact" : "HIGH", - "privilegesRequired" : "HIGH", - "scope" : "CHANGED", - "userInteraction" : "REQUIRED", - "vectorString" : "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "DLL Search Order Hijacking vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@mcafee.com", + "ID": "CVE-2019-3587", + "STATE": "PUBLIC", + "TITLE": "DLL Search Order Hijacking vulnerability" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Total Protection (MTP)", + "version": { + "version_data": [ + { + "affected": "<", + "version_name": "All", + "version_value": "16.0.R18" + } + ] + } + } + ] + }, + "vendor_name": "Mcafee" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://service.mcafee.com/FAQDocument.aspx?&id=TS102887", - "refsource" : "MISC", - "url" : "http://service.mcafee.com/FAQDocument.aspx?&id=TS102887" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Prior to 16.0.18 allows local users to execute arbitrary code via execution from a compromised folder." + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DLL Search Order Hijacking vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://service.mcafee.com/FAQDocument.aspx?&id=TS102887", + "refsource": "MISC", + "url": "http://service.mcafee.com/FAQDocument.aspx?&id=TS102887" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3776.json b/2019/3xxx/CVE-2019-3776.json index ce7bc6ad105..d350e94ad81 100644 --- a/2019/3xxx/CVE-2019-3776.json +++ b/2019/3xxx/CVE-2019-3776.json @@ -1,105 +1,105 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@dell.com", - "DATE_PUBLIC" : "2019-02-20T00:00:00.000Z", - "ID" : "CVE-2019-3776", - "STATE" : "PUBLIC", - "TITLE" : "Reflected XSS in Pivotal Operations Manager " - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Pivotal Ops Manager", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_name" : "2.2", - "version_value" : "2.2.16" - }, - { - "affected" : "<", - "version_name" : "2.3", - "version_value" : "2.3.10" - }, - { - "affected" : "<", - "version_name" : "2.4", - "version_value" : "2.4.3" - }, - { - "affected" : "<", - "version_name" : "2.1", - "version_value" : "2.1.19" - } - ] - } - } - ] - }, - "vendor_name" : "Pivotal" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vulnerability. A remote user that is able to convince an Operations Manager user to interact with malicious content could execute arbitrary JavaScript in the user's browser." - } - ] - }, - "impact" : { - "cvss" : { - "attackComplexity" : "HIGH", - "attackVector" : "NETWORK", - "availabilityImpact" : "LOW", - "baseScore" : 7.2, - "baseSeverity" : "HIGH", - "confidentialityImpact" : "LOW", - "integrityImpact" : "HIGH", - "privilegesRequired" : "HIGH", - "scope" : "CHANGED", - "userInteraction" : "NONE", - "vectorString" : "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-79: Cross-site Scripting (XSS) - Reflected" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "DATE_PUBLIC": "2019-02-20T00:00:00.000Z", + "ID": "CVE-2019-3776", + "STATE": "PUBLIC", + "TITLE": "Reflected XSS in Pivotal Operations Manager " + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Pivotal Ops Manager", + "version": { + "version_data": [ + { + "affected": "<", + "version_name": "2.2", + "version_value": "2.2.16" + }, + { + "affected": "<", + "version_name": "2.3", + "version_value": "2.3.10" + }, + { + "affected": "<", + "version_name": "2.4", + "version_value": "2.4.3" + }, + { + "affected": "<", + "version_name": "2.1", + "version_value": "2.1.19" + } + ] + } + } + ] + }, + "vendor_name": "Pivotal" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://pivotal.io/security/cve-2019-3776", - "refsource" : "CONFIRM", - "url" : "https://pivotal.io/security/cve-2019-3776" - }, - { - "name" : "107344", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107344" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vulnerability. A remote user that is able to convince an Operations Manager user to interact with malicious content could execute arbitrary JavaScript in the user's browser." + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Cross-site Scripting (XSS) - Reflected" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "107344", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107344" + }, + { + "name": "https://pivotal.io/security/cve-2019-3776", + "refsource": "CONFIRM", + "url": "https://pivotal.io/security/cve-2019-3776" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4316.json b/2019/4xxx/CVE-2019-4316.json index 7afa7938764..c66ee2c368f 100644 --- a/2019/4xxx/CVE-2019-4316.json +++ b/2019/4xxx/CVE-2019-4316.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4316", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4316", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4345.json b/2019/4xxx/CVE-2019-4345.json index 219b48cffea..64cc1a6b90b 100644 --- a/2019/4xxx/CVE-2019-4345.json +++ b/2019/4xxx/CVE-2019-4345.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4345", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4345", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4380.json b/2019/4xxx/CVE-2019-4380.json index a9179e978dc..e83dc2b8223 100644 --- a/2019/4xxx/CVE-2019-4380.json +++ b/2019/4xxx/CVE-2019-4380.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4380", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4380", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4598.json b/2019/4xxx/CVE-2019-4598.json index 6b876a013df..fc45a0335f3 100644 --- a/2019/4xxx/CVE-2019-4598.json +++ b/2019/4xxx/CVE-2019-4598.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4598", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4598", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8625.json b/2019/8xxx/CVE-2019-8625.json index 660c4eba0de..dfcb3497e85 100644 --- a/2019/8xxx/CVE-2019-8625.json +++ b/2019/8xxx/CVE-2019-8625.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8625", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8625", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8697.json b/2019/8xxx/CVE-2019-8697.json index 5b69c396a0a..3959ceb72bb 100644 --- a/2019/8xxx/CVE-2019-8697.json +++ b/2019/8xxx/CVE-2019-8697.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8697", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8697", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8742.json b/2019/8xxx/CVE-2019-8742.json index a0b801c216e..6d4be331d54 100644 --- a/2019/8xxx/CVE-2019-8742.json +++ b/2019/8xxx/CVE-2019-8742.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8742", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8742", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8924.json b/2019/8xxx/CVE-2019-8924.json index 119f325a219..a043929925a 100644 --- a/2019/8xxx/CVE-2019-8924.json +++ b/2019/8xxx/CVE-2019-8924.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8924", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8924", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9039.json b/2019/9xxx/CVE-2019-9039.json index d43c0a700de..befc6e7bf6c 100644 --- a/2019/9xxx/CVE-2019-9039.json +++ b/2019/9xxx/CVE-2019-9039.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9039", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9039", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9257.json b/2019/9xxx/CVE-2019-9257.json index efaa2c564e3..697a15baedc 100644 --- a/2019/9xxx/CVE-2019-9257.json +++ b/2019/9xxx/CVE-2019-9257.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9257", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9257", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9588.json b/2019/9xxx/CVE-2019-9588.json index 4fb5e09b285..b2423c77822 100644 --- a/2019/9xxx/CVE-2019-9588.json +++ b/2019/9xxx/CVE-2019-9588.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9588", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9588", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41261", - "refsource" : "MISC", - "url" : "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41261" - }, - { - "name" : "https://research.loginsoft.com/bugs/invalid-memory-access-in-gatomiccounter-gatomicincrement-xpdf-4-01/", - "refsource" : "MISC", - "url" : "https://research.loginsoft.com/bugs/invalid-memory-access-in-gatomiccounter-gatomicincrement-xpdf-4-01/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://research.loginsoft.com/bugs/invalid-memory-access-in-gatomiccounter-gatomicincrement-xpdf-4-01/", + "refsource": "MISC", + "url": "https://research.loginsoft.com/bugs/invalid-memory-access-in-gatomiccounter-gatomicincrement-xpdf-4-01/" + }, + { + "name": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41261", + "refsource": "MISC", + "url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41261" + } + ] + } +} \ No newline at end of file