From 1bb87db024138ddc79941a6939e668a708f5b5da Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 00:02:08 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0244.json | 250 +++++++-------- 2007/0xxx/CVE-2007-0734.json | 250 +++++++-------- 2007/0xxx/CVE-2007-0825.json | 150 ++++----- 2007/3xxx/CVE-2007-3097.json | 190 +++++------ 2007/3xxx/CVE-2007-3141.json | 130 ++++---- 2007/3xxx/CVE-2007-3196.json | 170 +++++----- 2007/3xxx/CVE-2007-3877.json | 34 +- 2007/4xxx/CVE-2007-4379.json | 190 +++++------ 2007/4xxx/CVE-2007-4500.json | 170 +++++----- 2007/4xxx/CVE-2007-4538.json | 220 ++++++------- 2007/4xxx/CVE-2007-4658.json | 490 ++++++++++++++--------------- 2007/4xxx/CVE-2007-4708.json | 190 +++++------ 2007/6xxx/CVE-2007-6103.json | 190 +++++------ 2010/5xxx/CVE-2010-5092.json | 170 +++++----- 2014/1xxx/CVE-2014-1742.json | 210 ++++++------- 2014/1xxx/CVE-2014-1768.json | 34 +- 2014/5xxx/CVE-2014-5277.json | 130 ++++---- 2014/5xxx/CVE-2014-5463.json | 34 +- 2014/5xxx/CVE-2014-5668.json | 140 ++++----- 2014/5xxx/CVE-2014-5860.json | 140 ++++----- 2015/2xxx/CVE-2015-2388.json | 130 ++++---- 2015/2xxx/CVE-2015-2419.json | 130 ++++---- 2015/2xxx/CVE-2015-2489.json | 140 ++++----- 2015/2xxx/CVE-2015-2592.json | 130 ++++---- 2015/6xxx/CVE-2015-6323.json | 130 ++++---- 2015/6xxx/CVE-2015-6834.json | 190 +++++------ 2016/0xxx/CVE-2016-0513.json | 130 ++++---- 2016/0xxx/CVE-2016-0924.json | 34 +- 2016/1000xxx/CVE-2016-1000127.json | 140 ++++----- 2016/10xxx/CVE-2016-10023.json | 34 +- 2016/10xxx/CVE-2016-10125.json | 130 ++++---- 2016/10xxx/CVE-2016-10268.json | 160 +++++----- 2016/4xxx/CVE-2016-4158.json | 120 +++---- 2016/4xxx/CVE-2016-4280.json | 160 +++++----- 2016/4xxx/CVE-2016-4345.json | 140 ++++----- 2016/4xxx/CVE-2016-4348.json | 180 +++++------ 2016/4xxx/CVE-2016-4480.json | 160 +++++----- 2016/9xxx/CVE-2016-9289.json | 34 +- 2016/9xxx/CVE-2016-9540.json | 160 +++++----- 2019/2xxx/CVE-2019-2082.json | 34 +- 2019/2xxx/CVE-2019-2176.json | 34 +- 2019/2xxx/CVE-2019-2691.json | 34 +- 2019/2xxx/CVE-2019-2773.json | 34 +- 2019/3xxx/CVE-2019-3362.json | 34 +- 2019/3xxx/CVE-2019-3788.json | 34 +- 2019/3xxx/CVE-2019-3868.json | 34 +- 2019/3xxx/CVE-2019-3915.json | 34 +- 2019/6xxx/CVE-2019-6036.json | 34 +- 2019/6xxx/CVE-2019-6074.json | 34 +- 2019/6xxx/CVE-2019-6265.json | 120 +++---- 2019/6xxx/CVE-2019-6830.json | 34 +- 2019/7xxx/CVE-2019-7175.json | 130 ++++---- 2019/7xxx/CVE-2019-7243.json | 34 +- 2019/7xxx/CVE-2019-7785.json | 34 +- 2019/8xxx/CVE-2019-8179.json | 34 +- 2019/8xxx/CVE-2019-8248.json | 34 +- 2019/8xxx/CVE-2019-8427.json | 120 +++---- 2019/8xxx/CVE-2019-8628.json | 34 +- 2019/9xxx/CVE-2019-9371.json | 34 +- 59 files changed, 3431 insertions(+), 3431 deletions(-) diff --git a/2007/0xxx/CVE-2007-0244.json b/2007/0xxx/CVE-2007-0244.json index 759a742a4be..d472f480aad 100644 --- a/2007/0xxx/CVE-2007-0244.json +++ b/2007/0xxx/CVE-2007-0244.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0244", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "pptpgre.c in PoPToP Point to Point Tunneling Server (pptpd) before 1.3.4 allows remote attackers to cause a denial of service (PPTP connection tear-down) via (1) GRE packets with out-of-order sequence numbers or (2) certain GRE packets that are processed using a wrong pointer and improperly dequeued." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0244", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=501476&group_id=44827", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=501476&group_id=44827" - }, - { - "name" : "DSA-1288", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1288" - }, - { - "name" : "GLSA-200705-18", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200705-18.xml" - }, - { - "name" : "SUSE-SR:2007:010", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_10_sr.html" - }, - { - "name" : "SUSE-SR:2007:019", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_19_sr.html" - }, - { - "name" : "2007-0017", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0017/" - }, - { - "name" : "USN-459-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-459-1" - }, - { - "name" : "USN-459-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-459-2" - }, - { - "name" : "23886", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23886" - }, - { - "name" : "ADV-2007-1743", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1743" - }, - { - "name" : "1018064", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018064" - }, - { - "name" : "25220", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25220" - }, - { - "name" : "25255", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25255" - }, - { - "name" : "26987", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26987" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "pptpgre.c in PoPToP Point to Point Tunneling Server (pptpd) before 1.3.4 allows remote attackers to cause a denial of service (PPTP connection tear-down) via (1) GRE packets with out-of-order sequence numbers or (2) certain GRE packets that are processed using a wrong pointer and improperly dequeued." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1743", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1743" + }, + { + "name": "SUSE-SR:2007:019", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html" + }, + { + "name": "1018064", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018064" + }, + { + "name": "23886", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23886" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=501476&group_id=44827", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=501476&group_id=44827" + }, + { + "name": "2007-0017", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0017/" + }, + { + "name": "26987", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26987" + }, + { + "name": "USN-459-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-459-1" + }, + { + "name": "SUSE-SR:2007:010", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html" + }, + { + "name": "25255", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25255" + }, + { + "name": "USN-459-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-459-2" + }, + { + "name": "GLSA-200705-18", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200705-18.xml" + }, + { + "name": "25220", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25220" + }, + { + "name": "DSA-1288", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1288" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0734.json b/2007/0xxx/CVE-2007-0734.json index 0b75ac13701..98636444b74 100644 --- a/2007/0xxx/CVE-2007-0734.json +++ b/2007/0xxx/CVE-2007-0734.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0734", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0734", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.info.apple.com/article.html?artnum=305366", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=305366" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=305391", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=305391" - }, - { - "name" : "APPLE-SA-2007-04-09", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Apr/msg00000.html" - }, - { - "name" : "APPLE-SA-2007-04-19", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html" - }, - { - "name" : "TA07-109A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-109A.html" - }, - { - "name" : "23396", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23396" - }, - { - "name" : "23569", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23569" - }, - { - "name" : "ADV-2007-1308", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1308" - }, - { - "name" : "ADV-2007-1470", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1470" - }, - { - "name" : "1017889", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017889" - }, - { - "name" : "1017942", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017942" - }, - { - "name" : "24830", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24830" - }, - { - "name" : "24966", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24966" - }, - { - "name" : "airportextreme-airportdisk-info-disclosure(33527)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33527" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24830", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24830" + }, + { + "name": "24966", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24966" + }, + { + "name": "23396", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23396" + }, + { + "name": "airportextreme-airportdisk-info-disclosure(33527)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33527" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=305391", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=305391" + }, + { + "name": "ADV-2007-1308", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1308" + }, + { + "name": "23569", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23569" + }, + { + "name": "APPLE-SA-2007-04-09", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Apr/msg00000.html" + }, + { + "name": "1017942", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017942" + }, + { + "name": "TA07-109A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html" + }, + { + "name": "1017889", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017889" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=305366", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=305366" + }, + { + "name": "APPLE-SA-2007-04-19", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html" + }, + { + "name": "ADV-2007-1470", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1470" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0825.json b/2007/0xxx/CVE-2007-0825.json index ed41329703e..94ba434a7ca 100644 --- a/2007/0xxx/CVE-2007-0825.json +++ b/2007/0xxx/CVE-2007-0825.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0825", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FlashFXP 3.4.0 build 1145 allows remote servers to cause a denial of service (CPU consumption) via a response to a PWD command that contains a long string with deeply nested directory structure, possibly due to a buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0825", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3276", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3276" - }, - { - "name" : "22433", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22433" - }, - { - "name" : "35796", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35796" - }, - { - "name" : "flashfxp-pwdcommand-dos(32416)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32416" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FlashFXP 3.4.0 build 1145 allows remote servers to cause a denial of service (CPU consumption) via a response to a PWD command that contains a long string with deeply nested directory structure, possibly due to a buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35796", + "refsource": "OSVDB", + "url": "http://osvdb.org/35796" + }, + { + "name": "22433", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22433" + }, + { + "name": "flashfxp-pwdcommand-dos(32416)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32416" + }, + { + "name": "3276", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3276" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3097.json b/2007/3xxx/CVE-2007-3097.json index a13f7ea91dd..c60b5996dea 100644 --- a/2007/3xxx/CVE-2007-3097.json +++ b/2007/3xxx/CVE-2007-3097.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3097", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "my.activation.php3 in F5 FirePass 4100 SSL VPN allows remote attackers to execute arbitrary shell commands via shell metacharacters in the username parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3097", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070604 S21Sec-035: F5 FirePass command execution vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/470444/100/0/threaded" - }, - { - "name" : "http://www.s21sec.com/avisos/s21sec-035-en.txt", - "refsource" : "MISC", - "url" : "http://www.s21sec.com/avisos/s21sec-035-en.txt" - }, - { - "name" : "24306", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24306" - }, - { - "name" : "ADV-2007-2073", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2073" - }, - { - "name" : "35246", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/35246" - }, - { - "name" : "1018190", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018190" - }, - { - "name" : "25563", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25563" - }, - { - "name" : "firepass-myactivation-command-execution(34708)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34708" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "my.activation.php3 in F5 FirePass 4100 SSL VPN allows remote attackers to execute arbitrary shell commands via shell metacharacters in the username parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1018190", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018190" + }, + { + "name": "25563", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25563" + }, + { + "name": "http://www.s21sec.com/avisos/s21sec-035-en.txt", + "refsource": "MISC", + "url": "http://www.s21sec.com/avisos/s21sec-035-en.txt" + }, + { + "name": "20070604 S21Sec-035: F5 FirePass command execution vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/470444/100/0/threaded" + }, + { + "name": "firepass-myactivation-command-execution(34708)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34708" + }, + { + "name": "ADV-2007-2073", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2073" + }, + { + "name": "24306", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24306" + }, + { + "name": "35246", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/35246" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3141.json b/2007/3xxx/CVE-2007-3141.json index b6c2e2a3286..71778e49f1a 100644 --- a/2007/3xxx/CVE-2007-3141.json +++ b/2007/3xxx/CVE-2007-3141.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3141", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 allows remote attackers to execute arbitrary PHP code via a URL in the editor_insert_top parameter. NOTE: the editor_insert_bottom vector is already covered by CVE-2006-6042." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3141", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070607 phpWebThings ==>1.5.2 RFI", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/470794/100/0/threaded" - }, - { - "name" : "2786", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2786" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 allows remote attackers to execute arbitrary PHP code via a URL in the editor_insert_top parameter. NOTE: the editor_insert_bottom vector is already covered by CVE-2006-6042." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070607 phpWebThings ==>1.5.2 RFI", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/470794/100/0/threaded" + }, + { + "name": "2786", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2786" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3196.json b/2007/3xxx/CVE-2007-3196.json index fcfdc866c27..71569575cb3 100644 --- a/2007/3xxx/CVE-2007-3196.json +++ b/2007/3xxx/CVE-2007-3196.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3196", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in vBSupport.php in vSupport Integrated Ticket System 3.x.x allows remote attackers to execute arbitrary SQL commands via the ticketid parameter in a showticket action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3196", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070609 vSupport Integrated Ticket System 3.*.* SQL injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/470966/100/0/threaded" - }, - { - "name" : "24397", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24397" - }, - { - "name" : "37331", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37331" - }, - { - "name" : "38811", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38811" - }, - { - "name" : "2795", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2795" - }, - { - "name" : "vbsupport-vbsupport-sql-injection(34804)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34804" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in vBSupport.php in vSupport Integrated Ticket System 3.x.x allows remote attackers to execute arbitrary SQL commands via the ticketid parameter in a showticket action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37331", + "refsource": "OSVDB", + "url": "http://osvdb.org/37331" + }, + { + "name": "38811", + "refsource": "OSVDB", + "url": "http://osvdb.org/38811" + }, + { + "name": "2795", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2795" + }, + { + "name": "vbsupport-vbsupport-sql-injection(34804)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34804" + }, + { + "name": "20070609 vSupport Integrated Ticket System 3.*.* SQL injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/470966/100/0/threaded" + }, + { + "name": "24397", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24397" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3877.json b/2007/3xxx/CVE-2007-3877.json index 37ffeec87d1..01801ba9825 100644 --- a/2007/3xxx/CVE-2007-3877.json +++ b/2007/3xxx/CVE-2007-3877.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3877", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3877", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4379.json b/2007/4xxx/CVE-2007-4379.json index 2bdb1547162..f1accb8c418 100644 --- a/2007/4xxx/CVE-2007-4379.json +++ b/2007/4xxx/CVE-2007-4379.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4379", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Babo Violent 2 2.08.00 and earlier allows remote attackers to cause a denial of service (application crash) via (1) a value greater than 0x27 for the (a) 0xca, (b) 0xcb, (c) 0xcc, (d) 0xce, (e) 0xcf, or (f) 0xd0 data ID; (2) a nonexistent map name; or (3) a UDP packet that specifies a large data size." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4379", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070814 Multiple vulnerabilities in Babo Violent 2 2.08.00", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/476520/100/0/threaded" - }, - { - "name" : "http://aluigi.altervista.org/adv/bv2x-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/bv2x-adv.txt" - }, - { - "name" : "25329", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25329" - }, - { - "name" : "26453", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26453" - }, - { - "name" : "3024", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3024" - }, - { - "name" : "baboviolent-map-names-dos(36016)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36016" - }, - { - "name" : "baboviolent-packets-dos(36014)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36014" - }, - { - "name" : "baboviolent-udp-dos(36017)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36017" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Babo Violent 2 2.08.00 and earlier allows remote attackers to cause a denial of service (application crash) via (1) a value greater than 0x27 for the (a) 0xca, (b) 0xcb, (c) 0xcc, (d) 0xce, (e) 0xcf, or (f) 0xd0 data ID; (2) a nonexistent map name; or (3) a UDP packet that specifies a large data size." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "baboviolent-map-names-dos(36016)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36016" + }, + { + "name": "26453", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26453" + }, + { + "name": "baboviolent-packets-dos(36014)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36014" + }, + { + "name": "3024", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3024" + }, + { + "name": "baboviolent-udp-dos(36017)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36017" + }, + { + "name": "20070814 Multiple vulnerabilities in Babo Violent 2 2.08.00", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/476520/100/0/threaded" + }, + { + "name": "http://aluigi.altervista.org/adv/bv2x-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/bv2x-adv.txt" + }, + { + "name": "25329", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25329" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4500.json b/2007/4xxx/CVE-2007-4500.json index fe272eb7e6b..88eb846fc34 100644 --- a/2007/4xxx/CVE-2007-4500.json +++ b/2007/4xxx/CVE-2007-4500.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4500", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in TunnelRunner in SSHKeychain before 0.8.2 beta, and possibly later versions, allows local users to gain privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4500", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[Users] 20070822 New version: 0.8.3 beta", - "refsource" : "MLIST", - "url" : "http://www.sshkeychain.org/pipermail/users/2007-August/000102.html" - }, - { - "name" : "[Users] 20070822 SECURITY: root privilege escalation / trivial reveal of stored passwords", - "refsource" : "MLIST", - "url" : "http://www.sshkeychain.org/pipermail/users/2007-August/000098.html" - }, - { - "name" : "[Users] 20070823 New version: 0.8.3 beta", - "refsource" : "MLIST", - "url" : "http://www.sshkeychain.org/pipermail/users/2007-August/000104.html" - }, - { - "name" : "25409", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25409" - }, - { - "name" : "1018630", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018630" - }, - { - "name" : "26617", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26617" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in TunnelRunner in SSHKeychain before 0.8.2 beta, and possibly later versions, allows local users to gain privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[Users] 20070822 New version: 0.8.3 beta", + "refsource": "MLIST", + "url": "http://www.sshkeychain.org/pipermail/users/2007-August/000102.html" + }, + { + "name": "1018630", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018630" + }, + { + "name": "[Users] 20070822 SECURITY: root privilege escalation / trivial reveal of stored passwords", + "refsource": "MLIST", + "url": "http://www.sshkeychain.org/pipermail/users/2007-August/000098.html" + }, + { + "name": "26617", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26617" + }, + { + "name": "[Users] 20070823 New version: 0.8.3 beta", + "refsource": "MLIST", + "url": "http://www.sshkeychain.org/pipermail/users/2007-August/000104.html" + }, + { + "name": "25409", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25409" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4538.json b/2007/4xxx/CVE-2007-4538.json index 0d5d267848c..0664b369e53 100644 --- a/2007/4xxx/CVE-2007-4538.json +++ b/2007/4xxx/CVE-2007-4538.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4538", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "email_in.pl in Bugzilla 2.23.4 through 3.0.0 allows remote attackers to execute arbitrary commands via the -f (From address) option to the Email::Send::Sendmail function, probably involving shell metacharacters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4538", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070823 Security Advisory for Bugzilla 3.0, 2.22.1, and 2.20.4", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/477630/100/0/threaded" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=386860", - "refsource" : "MISC", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=386860" - }, - { - "name" : "http://www.bugzilla.org/security/2.20.4/", - "refsource" : "CONFIRM", - "url" : "http://www.bugzilla.org/security/2.20.4/" - }, - { - "name" : "GLSA-200709-18", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200709-18.xml" - }, - { - "name" : "25425", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25425" - }, - { - "name" : "ADV-2007-2977", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2977" - }, - { - "name" : "37203", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37203" - }, - { - "name" : "1018604", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018604" - }, - { - "name" : "26584", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26584" - }, - { - "name" : "26971", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26971" - }, - { - "name" : "bugzilla-sendmail-command-execution(36243)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36243" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "email_in.pl in Bugzilla 2.23.4 through 3.0.0 allows remote attackers to execute arbitrary commands via the -f (From address) option to the Email::Send::Sendmail function, probably involving shell metacharacters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37203", + "refsource": "OSVDB", + "url": "http://osvdb.org/37203" + }, + { + "name": "GLSA-200709-18", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200709-18.xml" + }, + { + "name": "20070823 Security Advisory for Bugzilla 3.0, 2.22.1, and 2.20.4", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/477630/100/0/threaded" + }, + { + "name": "bugzilla-sendmail-command-execution(36243)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36243" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=386860", + "refsource": "MISC", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=386860" + }, + { + "name": "26971", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26971" + }, + { + "name": "ADV-2007-2977", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2977" + }, + { + "name": "26584", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26584" + }, + { + "name": "1018604", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018604" + }, + { + "name": "25425", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25425" + }, + { + "name": "http://www.bugzilla.org/security/2.20.4/", + "refsource": "CONFIRM", + "url": "http://www.bugzilla.org/security/2.20.4/" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4658.json b/2007/4xxx/CVE-2007-4658.json index ac95ca4bf23..b94e8c03a33 100644 --- a/2007/4xxx/CVE-2007-4658.json +++ b/2007/4xxx/CVE-2007-4658.json @@ -1,247 +1,247 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4658", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4658", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.php.net/ChangeLog-5.php#5.2.4", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-5.php#5.2.4" - }, - { - "name" : "http://www.php.net/releases/5_2_4.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/5_2_4.php" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1702", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1702" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1693", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1693" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm" - }, - { - "name" : "https://launchpad.net/bugs/173043", - "refsource" : "CONFIRM", - "url" : "https://launchpad.net/bugs/173043" - }, - { - "name" : "http://www.php.net/ChangeLog-4.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-4.php" - }, - { - "name" : "http://www.php.net/releases/4_4_8.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/4_4_8.php" - }, - { - "name" : "DSA-1444", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1444" - }, - { - "name" : "FEDORA-2007-709", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html" - }, - { - "name" : "GLSA-200710-02", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" - }, - { - "name" : "MDKSA-2007:187", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187" - }, - { - "name" : "RHSA-2007:0890", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0890.html" - }, - { - "name" : "RHSA-2007:0889", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0889.html" - }, - { - "name" : "RHSA-2007:0891", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0891.html" - }, - { - "name" : "SSA:2008-045-03", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136" - }, - { - "name" : "SUSE-SA:2008:004", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html" - }, - { - "name" : "2007-0026", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0026/" - }, - { - "name" : "USN-549-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/549-1/" - }, - { - "name" : "USN-549-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-549-2" - }, - { - "name" : "oval:org.mitre.oval:def:10363", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10363" - }, - { - "name" : "ADV-2007-3023", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3023" - }, - { - "name" : "26642", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26642" - }, - { - "name" : "26822", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26822" - }, - { - "name" : "26838", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26838" - }, - { - "name" : "26930", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26930" - }, - { - "name" : "26871", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26871" - }, - { - "name" : "26895", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26895" - }, - { - "name" : "26967", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26967" - }, - { - "name" : "27377", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27377" - }, - { - "name" : "27545", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27545" - }, - { - "name" : "27102", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27102" - }, - { - "name" : "27864", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27864" - }, - { - "name" : "28249", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28249" - }, - { - "name" : "28658", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28658" - }, - { - "name" : "28936", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28936" - }, - { - "name" : "ADV-2008-0059", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0059" - }, - { - "name" : "php-moneyformat-unspecified(36377)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36377" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26822", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26822" + }, + { + "name": "php-moneyformat-unspecified(36377)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36377" + }, + { + "name": "https://launchpad.net/bugs/173043", + "refsource": "CONFIRM", + "url": "https://launchpad.net/bugs/173043" + }, + { + "name": "SUSE-SA:2008:004", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html" + }, + { + "name": "ADV-2008-0059", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0059" + }, + { + "name": "28658", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28658" + }, + { + "name": "FEDORA-2007-709", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html" + }, + { + "name": "26967", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26967" + }, + { + "name": "DSA-1444", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1444" + }, + { + "name": "GLSA-200710-02", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" + }, + { + "name": "27864", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27864" + }, + { + "name": "oval:org.mitre.oval:def:10363", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10363" + }, + { + "name": "http://www.php.net/releases/4_4_8.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/4_4_8.php" + }, + { + "name": "SSA:2008-045-03", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136" + }, + { + "name": "http://www.php.net/ChangeLog-5.php#5.2.4", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-5.php#5.2.4" + }, + { + "name": "28936", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28936" + }, + { + "name": "26930", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26930" + }, + { + "name": "2007-0026", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0026/" + }, + { + "name": "RHSA-2007:0889", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0889.html" + }, + { + "name": "USN-549-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/549-1/" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1693", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1693" + }, + { + "name": "28249", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28249" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1702", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1702" + }, + { + "name": "27545", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27545" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm" + }, + { + "name": "26838", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26838" + }, + { + "name": "27377", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27377" + }, + { + "name": "MDKSA-2007:187", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187" + }, + { + "name": "http://www.php.net/ChangeLog-4.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-4.php" + }, + { + "name": "27102", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27102" + }, + { + "name": "ADV-2007-3023", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3023" + }, + { + "name": "http://www.php.net/releases/5_2_4.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/5_2_4.php" + }, + { + "name": "26895", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26895" + }, + { + "name": "USN-549-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-549-2" + }, + { + "name": "RHSA-2007:0890", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0890.html" + }, + { + "name": "RHSA-2007:0891", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0891.html" + }, + { + "name": "26871", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26871" + }, + { + "name": "26642", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26642" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4708.json b/2007/4xxx/CVE-2007-4708.json index 10cd6bb33bc..55fedd0ad0f 100644 --- a/2007/4xxx/CVE-2007-4708.json +++ b/2007/4xxx/CVE-2007-4708.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4708", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4708", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.info.apple.com/article.html?artnum=307179", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307179" - }, - { - "name" : "APPLE-SA-2007-12-17", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html" - }, - { - "name" : "TA07-352A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-352A.html" - }, - { - "name" : "26910", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26910" - }, - { - "name" : "ADV-2007-4238", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4238" - }, - { - "name" : "1019106", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019106" - }, - { - "name" : "28136", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28136" - }, - { - "name" : "macos-addressbook-format-string(39092)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39092" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-4238", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4238" + }, + { + "name": "TA07-352A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html" + }, + { + "name": "28136", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28136" + }, + { + "name": "26910", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26910" + }, + { + "name": "1019106", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019106" + }, + { + "name": "APPLE-SA-2007-12-17", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html" + }, + { + "name": "macos-addressbook-format-string(39092)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39092" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307179", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307179" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6103.json b/2007/6xxx/CVE-2007-6103.json index 312b244b2ed..036b85e2eba 100644 --- a/2007/6xxx/CVE-2007-6103.json +++ b/2007/6xxx/CVE-2007-6103.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6103", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) a denial of service (infinite loop) via a packet that contains zero in the size field in its header, which is improperly handled by the Receiver::processPacket function; and (2) a denial of service (daemon crash) via an (a) IHU_INFO_INIT or a (b) IHU_INFO_RING packet that does not specify the mode, which is improperly handled by the Player::ring function in Player.cpp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6103", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://aluigi.altervista.org/adv/ihudos-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/ihudos-adv.txt" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=355409&group_id=75788", - "refsource" : "MISC", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=355409&group_id=75788" - }, - { - "name" : "26516", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26516" - }, - { - "name" : "42395", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42395" - }, - { - "name" : "42396", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42396" - }, - { - "name" : "27754", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27754" - }, - { - "name" : "ihearu-packet-dos(38568)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38568" - }, - { - "name" : "ihearu-ring-dos(38569)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38569" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) a denial of service (infinite loop) via a packet that contains zero in the size field in its header, which is improperly handled by the Receiver::processPacket function; and (2) a denial of service (daemon crash) via an (a) IHU_INFO_INIT or a (b) IHU_INFO_RING packet that does not specify the mode, which is improperly handled by the Player::ring function in Player.cpp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26516", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26516" + }, + { + "name": "42396", + "refsource": "OSVDB", + "url": "http://osvdb.org/42396" + }, + { + "name": "ihearu-packet-dos(38568)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38568" + }, + { + "name": "http://aluigi.altervista.org/adv/ihudos-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/ihudos-adv.txt" + }, + { + "name": "42395", + "refsource": "OSVDB", + "url": "http://osvdb.org/42395" + }, + { + "name": "ihearu-ring-dos(38569)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38569" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=355409&group_id=75788", + "refsource": "MISC", + "url": "http://sourceforge.net/project/shownotes.php?release_id=355409&group_id=75788" + }, + { + "name": "27754", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27754" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5092.json b/2010/5xxx/CVE-2010-5092.json index 3410f28ea62..a6f03fa1c24 100644 --- a/2010/5xxx/CVE-2010-5092.json +++ b/2010/5xxx/CVE-2010-5092.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5092", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Add Member dialog in the Security admin page in SilverStripe 2.4.0 saves user passwords in plaintext, which allows local users to obtain sensitive information by reading a database." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-5092", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20120430 CVE-request: SilverStripe before 2.4.4", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/04/30/1" - }, - { - "name" : "[oss-security] 20120430 Re: CVE-request: SilverStripe before 2.4.4", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/04/30/3" - }, - { - "name" : "[oss-security] 20120501 Re: CVE-request: SilverStripe before 2.4.4", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/05/01/3" - }, - { - "name" : "http://open.silverstripe.org/ticket/5772", - "refsource" : "MISC", - "url" : "http://open.silverstripe.org/ticket/5772" - }, - { - "name" : "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1", - "refsource" : "CONFIRM", - "url" : "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1" - }, - { - "name" : "http://open.silverstripe.org/changeset/107532", - "refsource" : "CONFIRM", - "url" : "http://open.silverstripe.org/changeset/107532" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Add Member dialog in the Security admin page in SilverStripe 2.4.0 saves user passwords in plaintext, which allows local users to obtain sensitive information by reading a database." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20120501 Re: CVE-request: SilverStripe before 2.4.4", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/05/01/3" + }, + { + "name": "[oss-security] 20120430 CVE-request: SilverStripe before 2.4.4", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/04/30/1" + }, + { + "name": "[oss-security] 20120430 Re: CVE-request: SilverStripe before 2.4.4", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/04/30/3" + }, + { + "name": "http://open.silverstripe.org/ticket/5772", + "refsource": "MISC", + "url": "http://open.silverstripe.org/ticket/5772" + }, + { + "name": "http://open.silverstripe.org/changeset/107532", + "refsource": "CONFIRM", + "url": "http://open.silverstripe.org/changeset/107532" + }, + { + "name": "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1", + "refsource": "CONFIRM", + "url": "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1742.json b/2014/1xxx/CVE-2014-1742.json index 08d17309c8d..3c6bcaac11a 100644 --- a/2014/1xxx/CVE-2014-1742.json +++ b/2014/1xxx/CVE-2014-1742.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1742", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper RenderObject handling." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2014-1742", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=356690", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=356690" - }, - { - "name" : "https://src.chromium.org/viewvc/blink?revision=171440&view=revision", - "refsource" : "CONFIRM", - "url" : "https://src.chromium.org/viewvc/blink?revision=171440&view=revision" - }, - { - "name" : "DSA-2930", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2930" - }, - { - "name" : "GLSA-201408-16", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml" - }, - { - "name" : "openSUSE-SU-2014:0783", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html" - }, - { - "name" : "67375", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67375" - }, - { - "name" : "1030240", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030240" - }, - { - "name" : "59155", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59155" - }, - { - "name" : "60372", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60372" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper RenderObject handling." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-2930", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2930" + }, + { + "name": "https://src.chromium.org/viewvc/blink?revision=171440&view=revision", + "refsource": "CONFIRM", + "url": "https://src.chromium.org/viewvc/blink?revision=171440&view=revision" + }, + { + "name": "GLSA-201408-16", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml" + }, + { + "name": "http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html" + }, + { + "name": "60372", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60372" + }, + { + "name": "openSUSE-SU-2014:0783", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html" + }, + { + "name": "59155", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59155" + }, + { + "name": "67375", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67375" + }, + { + "name": "1030240", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030240" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=356690", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=356690" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1768.json b/2014/1xxx/CVE-2014-1768.json index 5f6d3274a17..ea0b96a1157 100644 --- a/2014/1xxx/CVE-2014-1768.json +++ b/2014/1xxx/CVE-2014-1768.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1768", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-1768", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5277.json b/2014/5xxx/CVE-2014-5277.json index 154ec8112ef..bbf1883bf05 100644 --- a/2014/5xxx/CVE-2014-5277.json +++ b/2014/5xxx/CVE-2014-5277.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5277", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5277", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://groups.google.com/forum/#!topic/docker-user/oYm0i3xShJU", - "refsource" : "CONFIRM", - "url" : "https://groups.google.com/forum/#!topic/docker-user/oYm0i3xShJU" - }, - { - "name" : "openSUSE-SU-2014:1411", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-11/msg00048.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2014:1411", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00048.html" + }, + { + "name": "https://groups.google.com/forum/#!topic/docker-user/oYm0i3xShJU", + "refsource": "CONFIRM", + "url": "https://groups.google.com/forum/#!topic/docker-user/oYm0i3xShJU" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5463.json b/2014/5xxx/CVE-2014-5463.json index 3d761366fb7..ef7dec0c686 100644 --- a/2014/5xxx/CVE-2014-5463.json +++ b/2014/5xxx/CVE-2014-5463.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5463", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5463", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5668.json b/2014/5xxx/CVE-2014-5668.json index d7bd3c0471b..d7bbb13ea86 100644 --- a/2014/5xxx/CVE-2014-5668.json +++ b/2014/5xxx/CVE-2014-5668.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5668", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The BAND -Group sharing & planning (aka com.nhn.android.band) application 3.2.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5668", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#804257", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/804257" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The BAND -Group sharing & planning (aka com.nhn.android.band) application 3.2.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#804257", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/804257" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5860.json b/2014/5xxx/CVE-2014-5860.json index 4f90c3aacf2..8f9aa8bd226 100644 --- a/2014/5xxx/CVE-2014-5860.json +++ b/2014/5xxx/CVE-2014-5860.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5860", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Slide Show Creator (aka com.amem) application 4.4.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5860", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#900617", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/900617" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Slide Show Creator (aka com.amem) application 4.4.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#900617", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/900617" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2388.json b/2015/2xxx/CVE-2015-2388.json index d3ddb8d80c5..5f18c7d5b0f 100644 --- a/2015/2xxx/CVE-2015-2388.json +++ b/2015/2xxx/CVE-2015-2388.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2388", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-1738." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2388", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-065", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" - }, - { - "name" : "1032894", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032894" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-1738." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032894", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032894" + }, + { + "name": "MS15-065", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2419.json b/2015/2xxx/CVE-2015-2419.json index 58a8663ea58..28e55d51259 100644 --- a/2015/2xxx/CVE-2015-2419.json +++ b/2015/2xxx/CVE-2015-2419.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2419", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"JScript9 Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2419", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-065", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" - }, - { - "name" : "1032894", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032894" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"JScript9 Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032894", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032894" + }, + { + "name": "MS15-065", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2489.json b/2015/2xxx/CVE-2015-2489.json index a762f4db02e..03ad6507ce6 100644 --- a/2015/2xxx/CVE-2015-2489.json +++ b/2015/2xxx/CVE-2015-2489.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2489", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka \"Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2489", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-094", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094" - }, - { - "name" : "76585", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76585" - }, - { - "name" : "1033487", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033487" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka \"Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "76585", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76585" + }, + { + "name": "MS15-094", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094" + }, + { + "name": "1033487", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033487" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2592.json b/2015/2xxx/CVE-2015-2592.json index 7ac2b4decc3..c7efea1ccd1 100644 --- a/2015/2xxx/CVE-2015-2592.json +++ b/2015/2xxx/CVE-2015-2592.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2592", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Hyperion Enterprise Performance Management Architect component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect integrity via unknown vectors related to Security, a different vulnerability than CVE-2015-2584." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-2592", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - }, - { - "name" : "1032924", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032924" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Hyperion Enterprise Performance Management Architect component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect integrity via unknown vectors related to Security, a different vulnerability than CVE-2015-2584." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + }, + { + "name": "1032924", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032924" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6323.json b/2015/6xxx/CVE-2015-6323.json index b28875fcb27..7893d5dd740 100644 --- a/2015/6xxx/CVE-2015-6323.json +++ b/2015/6xxx/CVE-2015-6323.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6323", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, and 1.4 before patch 4 allows remote attackers to obtain administrative access via unspecified vectors, aka Bug ID CSCuw34253." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6323", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160113 Cisco Identity Services Engine Unauthorized Access Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise" - }, - { - "name" : "1034666", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034666" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, and 1.4 before patch 4 allows remote attackers to obtain administrative access via unspecified vectors, aka Bug ID CSCuw34253." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160113 Cisco Identity Services Engine Unauthorized Access Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise" + }, + { + "name": "1034666", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034666" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6834.json b/2015/6xxx/CVE-2015-6834.json index c50b17b1397..6cf2e244bff 100644 --- a/2015/6xxx/CVE-2015-6834.json +++ b/2015/6xxx/CVE-2015-6834.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6834", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@suse.com", + "ID": "CVE-2015-6834", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://php.net/ChangeLog-5.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-5.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=70172", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=70172" - }, - { - "name" : "https://bugs.php.net/bug.php?id=70365", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=70365" - }, - { - "name" : "https://bugs.php.net/bug.php?id=70366", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=70366" - }, - { - "name" : "DSA-3358", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3358" - }, - { - "name" : "GLSA-201606-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201606-10" - }, - { - "name" : "76649", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76649" - }, - { - "name" : "1033548", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033548" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.php.net/bug.php?id=70366", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=70366" + }, + { + "name": "1033548", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033548" + }, + { + "name": "76649", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76649" + }, + { + "name": "http://php.net/ChangeLog-5.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-5.php" + }, + { + "name": "https://bugs.php.net/bug.php?id=70365", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=70365" + }, + { + "name": "https://bugs.php.net/bug.php?id=70172", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=70172" + }, + { + "name": "DSA-3358", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3358" + }, + { + "name": "GLSA-201606-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201606-10" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0513.json b/2016/0xxx/CVE-2016-0513.json index f1373be4cb3..a20d4ea07c8 100644 --- a/2016/0xxx/CVE-2016-0513.json +++ b/2016/0xxx/CVE-2016-0513.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0513", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0513", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034726", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034726", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034726" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0924.json b/2016/0xxx/CVE-2016-0924.json index c396812db7b..ff878546999 100644 --- a/2016/0xxx/CVE-2016-0924.json +++ b/2016/0xxx/CVE-2016-0924.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0924", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-2761. Reason: This candidate is subsumed by CVE-2004-2761. Notes: All CVE users should reference CVE-2004-2761 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0924", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-2761. Reason: This candidate is subsumed by CVE-2004-2761. Notes: All CVE users should reference CVE-2004-2761 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000127.json b/2016/1000xxx/CVE-2016-1000127.json index 81c930336f9..7fbc3b9ab8b 100644 --- a/2016/1000xxx/CVE-2016-1000127.json +++ b/2016/1000xxx/CVE-2016-1000127.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000127", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Reflected XSS in wordpress plugin ajax-random-post v2.00" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000127", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vapidlabs.com/wp/wp_advisory.php?v=494", - "refsource" : "MISC", - "url" : "http://www.vapidlabs.com/wp/wp_advisory.php?v=494" - }, - { - "name" : "https://wordpress.org/plugins/ajax-random-post", - "refsource" : "MISC", - "url" : "https://wordpress.org/plugins/ajax-random-post" - }, - { - "name" : "93895", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93895" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Reflected XSS in wordpress plugin ajax-random-post v2.00" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93895", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93895" + }, + { + "name": "https://wordpress.org/plugins/ajax-random-post", + "refsource": "MISC", + "url": "https://wordpress.org/plugins/ajax-random-post" + }, + { + "name": "http://www.vapidlabs.com/wp/wp_advisory.php?v=494", + "refsource": "MISC", + "url": "http://www.vapidlabs.com/wp/wp_advisory.php?v=494" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10023.json b/2016/10xxx/CVE-2016-10023.json index 9b3af4f2291..6b63451755e 100644 --- a/2016/10xxx/CVE-2016-10023.json +++ b/2016/10xxx/CVE-2016-10023.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10023", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-10023", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10125.json b/2016/10xxx/CVE-2016-10125.json index e029ab48dd3..7a27a01338c 100644 --- a/2016/10xxx/CVE-2016-10125.json +++ b/2016/10xxx/CVE-2016-10125.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10125", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10125", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://labs.integrity.pt/advisories/dlink-dgs-1100-hardcoded-keys/", - "refsource" : "MISC", - "url" : "https://labs.integrity.pt/advisories/dlink-dgs-1100-hardcoded-keys/" - }, - { - "name" : "95329", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95329" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://labs.integrity.pt/advisories/dlink-dgs-1100-hardcoded-keys/", + "refsource": "MISC", + "url": "https://labs.integrity.pt/advisories/dlink-dgs-1100-hardcoded-keys/" + }, + { + "name": "95329", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95329" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10268.json b/2016/10xxx/CVE-2016-10268.json index f13916bce44..66da2178525 100644 --- a/2016/10xxx/CVE-2016-10268.json +++ b/2016/10xxx/CVE-2016-10268.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10268", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 78490\" and libtiff/tif_unix.c:115:23." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10268", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/", - "refsource" : "MISC", - "url" : "https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/" - }, - { - "name" : "https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df", - "refsource" : "MISC", - "url" : "https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df" - }, - { - "name" : "GLSA-201709-27", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201709-27" - }, - { - "name" : "USN-3602-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3602-1/" - }, - { - "name" : "97202", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97202" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 78490\" and libtiff/tif_unix.c:115:23." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/", + "refsource": "MISC", + "url": "https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/" + }, + { + "name": "GLSA-201709-27", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201709-27" + }, + { + "name": "https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df", + "refsource": "MISC", + "url": "https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df" + }, + { + "name": "USN-3602-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3602-1/" + }, + { + "name": "97202", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97202" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4158.json b/2016/4xxx/CVE-2016-4158.json index 8959bfda275..e14cf6e12fe 100644 --- a/2016/4xxx/CVE-2016-4158.json +++ b/2016/4xxx/CVE-2016-4158.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4158", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4158", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/creative-cloud/apsb16-21.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/creative-cloud/apsb16-21.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/creative-cloud/apsb16-21.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/creative-cloud/apsb16-21.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4280.json b/2016/4xxx/CVE-2016-4280.json index 5818a358105..d9a3bc31269 100644 --- a/2016/4xxx/CVE-2016-4280.json +++ b/2016/4xxx/CVE-2016-4280.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4280", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4280", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" - }, - { - "name" : "GLSA-201610-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-10" - }, - { - "name" : "RHSA-2016:1865", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1865.html" - }, - { - "name" : "92930", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92930" - }, - { - "name" : "1036791", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036791" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201610-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-10" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" + }, + { + "name": "RHSA-2016:1865", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html" + }, + { + "name": "92930", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92930" + }, + { + "name": "1036791", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036791" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4345.json b/2016/4xxx/CVE-2016-4345.json index f3af9ad6a3d..7fe0f8db781 100644 --- a/2016/4xxx/CVE-2016-4345.json +++ b/2016/4xxx/CVE-2016-4345.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4345", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4345", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160428 [CVE Requests] PHP issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/04/28/2" - }, - { - "name" : "http://php.net/ChangeLog-7.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-7.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=71637", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=71637" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.php.net/bug.php?id=71637", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=71637" + }, + { + "name": "[oss-security] 20160428 [CVE Requests] PHP issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/04/28/2" + }, + { + "name": "http://php.net/ChangeLog-7.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-7.php" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4348.json b/2016/4xxx/CVE-2016-4348.json index cff310ae94c..dbe0cad77b9 100644 --- a/2016/4xxx/CVE-2016-4348.json +++ b/2016/4xxx/CVE-2016-4348.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4348", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4348", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160428 CVE requests: DoS in librsvg parsing SVGs with circular definitions", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/04/28/4" - }, - { - "name" : "[oss-security] 20160428 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/04/28/7" - }, - { - "name" : "[oss-security] 20160430 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/04/30/3" - }, - { - "name" : "[oss-security] 20160511 Re: Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/10/15" - }, - { - "name" : "https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2", - "refsource" : "CONFIRM", - "url" : "https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2" - }, - { - "name" : "DSA-3584", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3584" - }, - { - "name" : "openSUSE-SU-2016:1333", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-05/msg00079.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160428 CVE requests: DoS in librsvg parsing SVGs with circular definitions", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/04/28/4" + }, + { + "name": "https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2", + "refsource": "CONFIRM", + "url": "https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2" + }, + { + "name": "[oss-security] 20160430 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/04/30/3" + }, + { + "name": "DSA-3584", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3584" + }, + { + "name": "openSUSE-SU-2016:1333", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00079.html" + }, + { + "name": "[oss-security] 20160428 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/04/28/7" + }, + { + "name": "[oss-security] 20160511 Re: Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/10/15" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4480.json b/2016/4xxx/CVE-2016-4480.json index cf6eb71f18d..105dc6251bc 100644 --- a/2016/4xxx/CVE-2016-4480.json +++ b/2016/4xxx/CVE-2016-4480.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4480", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4480", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xenbits.xen.org/xsa/advisory-176.html", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xen.org/xsa/advisory-176.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" - }, - { - "name" : "DSA-3633", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3633" - }, - { - "name" : "90710", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90710" - }, - { - "name" : "1035901", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035901" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" + }, + { + "name": "90710", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90710" + }, + { + "name": "1035901", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035901" + }, + { + "name": "DSA-3633", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3633" + }, + { + "name": "http://xenbits.xen.org/xsa/advisory-176.html", + "refsource": "CONFIRM", + "url": "http://xenbits.xen.org/xsa/advisory-176.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9289.json b/2016/9xxx/CVE-2016-9289.json index 1ae52a38069..f272e0528fb 100644 --- a/2016/9xxx/CVE-2016-9289.json +++ b/2016/9xxx/CVE-2016-9289.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9289", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9289", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9540.json b/2016/9xxx/CVE-2016-9540.json index ac93f957519..4256855650a 100644 --- a/2016/9xxx/CVE-2016-9540.json +++ b/2016/9xxx/CVE-2016-9540.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9540", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka \"cpStripToTile heap-buffer-overflow.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9540", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3", - "refsource" : "CONFIRM", - "url" : "https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3" - }, - { - "name" : "DSA-3762", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3762" - }, - { - "name" : "RHSA-2017:0225", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0225.html" - }, - { - "name" : "94484", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94484" - }, - { - "name" : "94747", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94747" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka \"cpStripToTile heap-buffer-overflow.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3", + "refsource": "CONFIRM", + "url": "https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3" + }, + { + "name": "94747", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94747" + }, + { + "name": "RHSA-2017:0225", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0225.html" + }, + { + "name": "94484", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94484" + }, + { + "name": "DSA-3762", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3762" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2082.json b/2019/2xxx/CVE-2019-2082.json index 791d58651d9..852fcecbfca 100644 --- a/2019/2xxx/CVE-2019-2082.json +++ b/2019/2xxx/CVE-2019-2082.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2082", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2082", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2176.json b/2019/2xxx/CVE-2019-2176.json index ff7ded47a5e..ce95d21636d 100644 --- a/2019/2xxx/CVE-2019-2176.json +++ b/2019/2xxx/CVE-2019-2176.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2176", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2176", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2691.json b/2019/2xxx/CVE-2019-2691.json index da455a48a3a..99216c2275a 100644 --- a/2019/2xxx/CVE-2019-2691.json +++ b/2019/2xxx/CVE-2019-2691.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2691", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2691", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2773.json b/2019/2xxx/CVE-2019-2773.json index a636ffce1ee..21631ced6d1 100644 --- a/2019/2xxx/CVE-2019-2773.json +++ b/2019/2xxx/CVE-2019-2773.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2773", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2773", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3362.json b/2019/3xxx/CVE-2019-3362.json index 06898bb34b0..dc1c998bd03 100644 --- a/2019/3xxx/CVE-2019-3362.json +++ b/2019/3xxx/CVE-2019-3362.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3362", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3362", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3788.json b/2019/3xxx/CVE-2019-3788.json index 5cfd49d7340..50b93f6d06a 100644 --- a/2019/3xxx/CVE-2019-3788.json +++ b/2019/3xxx/CVE-2019-3788.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3788", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3788", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3868.json b/2019/3xxx/CVE-2019-3868.json index 1a7c666eaa3..7e367940f63 100644 --- a/2019/3xxx/CVE-2019-3868.json +++ b/2019/3xxx/CVE-2019-3868.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3868", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3868", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3915.json b/2019/3xxx/CVE-2019-3915.json index d1560086bbe..26721d9b26c 100644 --- a/2019/3xxx/CVE-2019-3915.json +++ b/2019/3xxx/CVE-2019-3915.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3915", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3915", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6036.json b/2019/6xxx/CVE-2019-6036.json index a70b3492f85..283f36a974d 100644 --- a/2019/6xxx/CVE-2019-6036.json +++ b/2019/6xxx/CVE-2019-6036.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6036", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6036", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6074.json b/2019/6xxx/CVE-2019-6074.json index e3d0b1b92a4..d8ad949608d 100644 --- a/2019/6xxx/CVE-2019-6074.json +++ b/2019/6xxx/CVE-2019-6074.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6074", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6074", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6265.json b/2019/6xxx/CVE-2019-6265.json index d8cc6eacbb6..0b7c570e949 100644 --- a/2019/6xxx/CVE-2019-6265.json +++ b/2019/6xxx/CVE-2019-6265.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6265", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6265", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.detack.de/en/cve-2019-6265-6266", - "refsource" : "MISC", - "url" : "https://www.detack.de/en/cve-2019-6265-6266" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.detack.de/en/cve-2019-6265-6266", + "refsource": "MISC", + "url": "https://www.detack.de/en/cve-2019-6265-6266" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6830.json b/2019/6xxx/CVE-2019-6830.json index 2132f84752e..c0317674024 100644 --- a/2019/6xxx/CVE-2019-6830.json +++ b/2019/6xxx/CVE-2019-6830.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6830", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6830", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7175.json b/2019/7xxx/CVE-2019-7175.json index 56b43e27976..9d414116c17 100644 --- a/2019/7xxx/CVE-2019-7175.json +++ b/2019/7xxx/CVE-2019-7175.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7175", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7175", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", - "refsource" : "MISC", - "url" : "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae" - }, - { - "name" : "https://github.com/ImageMagick/ImageMagick/issues/1450", - "refsource" : "MISC", - "url" : "https://github.com/ImageMagick/ImageMagick/issues/1450" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", + "refsource": "MISC", + "url": "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae" + }, + { + "name": "https://github.com/ImageMagick/ImageMagick/issues/1450", + "refsource": "MISC", + "url": "https://github.com/ImageMagick/ImageMagick/issues/1450" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7243.json b/2019/7xxx/CVE-2019-7243.json index 9cf48cd3926..6513bd369ca 100644 --- a/2019/7xxx/CVE-2019-7243.json +++ b/2019/7xxx/CVE-2019-7243.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7243", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7243", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7785.json b/2019/7xxx/CVE-2019-7785.json index ad179c9021d..a71361d4f77 100644 --- a/2019/7xxx/CVE-2019-7785.json +++ b/2019/7xxx/CVE-2019-7785.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7785", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7785", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8179.json b/2019/8xxx/CVE-2019-8179.json index e056b1cf17a..ad0a3750325 100644 --- a/2019/8xxx/CVE-2019-8179.json +++ b/2019/8xxx/CVE-2019-8179.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8179", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8179", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8248.json b/2019/8xxx/CVE-2019-8248.json index 889fc482ef8..960bc01d228 100644 --- a/2019/8xxx/CVE-2019-8248.json +++ b/2019/8xxx/CVE-2019-8248.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8248", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8248", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8427.json b/2019/8xxx/CVE-2019-8427.json index 75e0c0b0399..1bace3209ca 100644 --- a/2019/8xxx/CVE-2019-8427.json +++ b/2019/8xxx/CVE-2019-8427.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8427", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8427", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#includesfunctionsphp-daemoncontrol-command-injection", - "refsource" : "MISC", - "url" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#includesfunctionsphp-daemoncontrol-command-injection" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#includesfunctionsphp-daemoncontrol-command-injection", + "refsource": "MISC", + "url": "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#includesfunctionsphp-daemoncontrol-command-injection" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8628.json b/2019/8xxx/CVE-2019-8628.json index 31b698dfe6b..30c01d4437c 100644 --- a/2019/8xxx/CVE-2019-8628.json +++ b/2019/8xxx/CVE-2019-8628.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8628", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8628", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9371.json b/2019/9xxx/CVE-2019-9371.json index 26f902c8bf7..be9f4863f96 100644 --- a/2019/9xxx/CVE-2019-9371.json +++ b/2019/9xxx/CVE-2019-9371.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9371", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9371", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file