From 21f1bc56f6921092071a6d49614d1e3600804092 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 03:08:23 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0133.json | 130 +++--- 2007/0xxx/CVE-2007-0139.json | 190 ++++----- 2007/0xxx/CVE-2007-0266.json | 170 ++++---- 2007/0xxx/CVE-2007-0438.json | 34 +- 2007/0xxx/CVE-2007-0493.json | 620 ++++++++++++++--------------- 2007/1xxx/CVE-2007-1413.json | 170 ++++---- 2007/1xxx/CVE-2007-1500.json | 170 ++++---- 2007/1xxx/CVE-2007-1789.json | 160 ++++---- 2007/3xxx/CVE-2007-3904.json | 34 +- 2007/4xxx/CVE-2007-4455.json | 190 ++++----- 2007/4xxx/CVE-2007-4665.json | 210 +++++----- 2014/5xxx/CVE-2014-5151.json | 34 +- 2014/5xxx/CVE-2014-5789.json | 140 +++---- 2015/2xxx/CVE-2015-2349.json | 150 +++---- 2015/2xxx/CVE-2015-2391.json | 130 +++--- 2015/2xxx/CVE-2015-2704.json | 160 ++++---- 2015/6xxx/CVE-2015-6721.json | 140 +++---- 2015/7xxx/CVE-2015-7083.json | 210 +++++----- 2015/7xxx/CVE-2015-7539.json | 140 +++---- 2015/7xxx/CVE-2015-7640.json | 150 +++---- 2015/7xxx/CVE-2015-7756.json | 200 +++++----- 2015/7xxx/CVE-2015-7825.json | 130 +++--- 2016/0xxx/CVE-2016-0101.json | 140 +++---- 2016/0xxx/CVE-2016-0203.json | 190 ++++----- 2016/0xxx/CVE-2016-0330.json | 130 +++--- 2016/0xxx/CVE-2016-0380.json | 140 +++---- 2016/0xxx/CVE-2016-0837.json | 130 +++--- 2016/1000xxx/CVE-2016-1000178.json | 34 +- 2016/10xxx/CVE-2016-10544.json | 132 +++--- 2016/1xxx/CVE-2016-1164.json | 34 +- 2016/1xxx/CVE-2016-1175.json | 140 +++---- 2016/1xxx/CVE-2016-1990.json | 130 +++--- 2016/4xxx/CVE-2016-4302.json | 220 +++++----- 2016/4xxx/CVE-2016-4370.json | 120 +++--- 2016/4xxx/CVE-2016-4507.json | 120 +++--- 2016/4xxx/CVE-2016-4515.json | 34 +- 2016/4xxx/CVE-2016-4620.json | 160 ++++---- 2016/4xxx/CVE-2016-4789.json | 130 +++--- 2019/3xxx/CVE-2019-3045.json | 34 +- 2019/3xxx/CVE-2019-3235.json | 34 +- 2019/3xxx/CVE-2019-3285.json | 34 +- 2019/3xxx/CVE-2019-3697.json | 34 +- 2019/3xxx/CVE-2019-3722.json | 34 +- 2019/4xxx/CVE-2019-4461.json | 34 +- 2019/4xxx/CVE-2019-4766.json | 34 +- 2019/4xxx/CVE-2019-4979.json | 34 +- 2019/6xxx/CVE-2019-6005.json | 34 +- 2019/6xxx/CVE-2019-6104.json | 34 +- 2019/6xxx/CVE-2019-6110.json | 160 ++++---- 2019/6xxx/CVE-2019-6415.json | 34 +- 2019/7xxx/CVE-2019-7418.json | 34 +- 2019/7xxx/CVE-2019-7712.json | 34 +- 2019/7xxx/CVE-2019-7956.json | 34 +- 2019/8xxx/CVE-2019-8089.json | 34 +- 2019/8xxx/CVE-2019-8128.json | 34 +- 2019/8xxx/CVE-2019-8605.json | 34 +- 2019/8xxx/CVE-2019-8834.json | 34 +- 2019/9xxx/CVE-2019-9332.json | 34 +- 2019/9xxx/CVE-2019-9338.json | 34 +- 59 files changed, 3243 insertions(+), 3243 deletions(-) diff --git a/2007/0xxx/CVE-2007-0133.json b/2007/0xxx/CVE-2007-0133.json index 01df112a188..8dca1059e5a 100644 --- a/2007/0xxx/CVE-2007-0133.json +++ b/2007/0xxx/CVE-2007-0133.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0133", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in display_review.php in iGeneric iG Shop 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) user_login_cookie parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0133", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ADV-2007-0056", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0056" - }, - { - "name" : "33386", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33386" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in display_review.php in iGeneric iG Shop 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) user_login_cookie parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33386", + "refsource": "OSVDB", + "url": "http://osvdb.org/33386" + }, + { + "name": "ADV-2007-0056", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0056" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0139.json b/2007/0xxx/CVE-2007-0139.json index 614387e9b97..d95fe40a524 100644 --- a/2007/0xxx/CVE-2007-0139.json +++ b/2007/0xxx/CVE-2007-0139.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0139", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain \"unintended privileged access to data and system resources\" via unspecified vectors, related to (1) [SYSEXE]CTF$UI.EXE, (2) [SYSMSG]CTF$MESSAGES.EXE, (3) [SYSHLP]CTF$HELP.HLB, and (4) [SYSMGR]CTF$STARTUP.COM." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0139", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIMUP01-V0703-2.txt", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIMUP01-V0703-2.txt" - }, - { - "name" : "ftp://ftp.itrc.hp.com/openvms_patches/vax/V7.3/VAX_DNVOSIMUP01-V0703.txt", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.itrc.hp.com/openvms_patches/vax/V7.3/VAX_DNVOSIMUP01-V0703.txt" - }, - { - "name" : "ADV-2007-0063", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0063" - }, - { - "name" : "32583", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32583" - }, - { - "name" : "32584", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32584" - }, - { - "name" : "32585", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32585" - }, - { - "name" : "32586", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32586" - }, - { - "name" : "23636", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23636" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain \"unintended privileged access to data and system resources\" via unspecified vectors, related to (1) [SYSEXE]CTF$UI.EXE, (2) [SYSMSG]CTF$MESSAGES.EXE, (3) [SYSHLP]CTF$HELP.HLB, and (4) [SYSMGR]CTF$STARTUP.COM." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32583", + "refsource": "OSVDB", + "url": "http://osvdb.org/32583" + }, + { + "name": "32586", + "refsource": "OSVDB", + "url": "http://osvdb.org/32586" + }, + { + "name": "32584", + "refsource": "OSVDB", + "url": "http://osvdb.org/32584" + }, + { + "name": "32585", + "refsource": "OSVDB", + "url": "http://osvdb.org/32585" + }, + { + "name": "ftp://ftp.itrc.hp.com/openvms_patches/vax/V7.3/VAX_DNVOSIMUP01-V0703.txt", + "refsource": "CONFIRM", + "url": "ftp://ftp.itrc.hp.com/openvms_patches/vax/V7.3/VAX_DNVOSIMUP01-V0703.txt" + }, + { + "name": "ADV-2007-0063", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0063" + }, + { + "name": "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIMUP01-V0703-2.txt", + "refsource": "CONFIRM", + "url": "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIMUP01-V0703-2.txt" + }, + { + "name": "23636", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23636" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0266.json b/2007/0xxx/CVE-2007-0266.json index db5c799029b..f63b0f50924 100644 --- a/2007/0xxx/CVE-2007-0266.json +++ b/2007/0xxx/CVE-2007-0266.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0266", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in boxx/ShowAppendix.asp in Ezboxx Portal System Beta 0.7.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the iid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0266", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070111 Ezboxx multiple vulnerabilities.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456699/100/0/threaded" - }, - { - "name" : "http://www.bugsec.com/articles.php?Security=20", - "refsource" : "MISC", - "url" : "http://www.bugsec.com/articles.php?Security=20" - }, - { - "name" : "ADV-2007-0208", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0208" - }, - { - "name" : "32825", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32825" - }, - { - "name" : "33466", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33466" - }, - { - "name" : "23759", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23759" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in boxx/ShowAppendix.asp in Ezboxx Portal System Beta 0.7.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the iid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23759", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23759" + }, + { + "name": "ADV-2007-0208", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0208" + }, + { + "name": "32825", + "refsource": "OSVDB", + "url": "http://osvdb.org/32825" + }, + { + "name": "http://www.bugsec.com/articles.php?Security=20", + "refsource": "MISC", + "url": "http://www.bugsec.com/articles.php?Security=20" + }, + { + "name": "20070111 Ezboxx multiple vulnerabilities.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456699/100/0/threaded" + }, + { + "name": "33466", + "refsource": "OSVDB", + "url": "http://osvdb.org/33466" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0438.json b/2007/0xxx/CVE-2007-0438.json index e38557eb19f..89f61589ce9 100644 --- a/2007/0xxx/CVE-2007-0438.json +++ b/2007/0xxx/CVE-2007-0438.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0438", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0438", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0493.json b/2007/0xxx/CVE-2007-0493.json index f3920a971a9..916afcb519a 100644 --- a/2007/0xxx/CVE-2007-0493.json +++ b/2007/0xxx/CVE-2007-0493.json @@ -1,312 +1,312 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0493", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to \"dereference a freed fetch context.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-0493", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070125 BIND remote exploit (low severity) [Fwd: Internet Systems Consortium Security Advisory.]", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458066/100/0/threaded" - }, - { - "name" : "20070125 BIND remote exploit (low severity) [Fwd: Internet Systems Consortium Security Advisory.]", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/052018.html" - }, - { - "name" : "[bind-announce] 20070125 Internet Systems Consortium Security Advisory.", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=bind-announce&m=116968519321296&w=2" - }, - { - "name" : "http://www.isc.org/index.pl?/sw/bind/bind-security.php", - "refsource" : "CONFIRM", - "url" : "http://www.isc.org/index.pl?/sw/bind/bind-security.php" - }, - { - "name" : "http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8", - "refsource" : "CONFIRM", - "url" : "http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8" - }, - { - "name" : "http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4", - "refsource" : "CONFIRM", - "url" : "http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-989", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-989" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=305530", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=305530" - }, - { - "name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488", - "refsource" : "CONFIRM", - "url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488" - }, - { - "name" : "APPLE-SA-2007-05-24", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html" - }, - { - "name" : "FEDORA-2007-147", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2507" - }, - { - "name" : "FEDORA-2007-164", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2537" - }, - { - "name" : "FreeBSD-SA-07:02", - "refsource" : "FREEBSD", - "url" : "http://security.freebsd.org/advisories/FreeBSD-SA-07:02.bind.asc" - }, - { - "name" : "GLSA-200702-06", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200702-06.xml" - }, - { - "name" : "HPSBTU02207", - "refsource" : "HP", - "url" : "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" - }, - { - "name" : "SSRT061213", - "refsource" : "HP", - "url" : "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" - }, - { - "name" : "SSRT061239", - "refsource" : "HP", - "url" : "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" - }, - { - "name" : "SSRT071304", - "refsource" : "HP", - "url" : "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" - }, - { - "name" : "HPSBUX02219", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495" - }, - { - "name" : "SSRT061273", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495" - }, - { - "name" : "MDKSA-2007:030", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:030" - }, - { - "name" : "NetBSD-SA2007-003", - "refsource" : "NETBSD", - "url" : "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-003.txt.asc" - }, - { - "name" : "OpenPKG-SA-2007.007", - "refsource" : "OPENPKG", - "url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.007.html" - }, - { - "name" : "RHSA-2007:0057", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0057.html" - }, - { - "name" : "SSA:2007-026-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.494157" - }, - { - "name" : "SUSE-SA:2007:014", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0016.html" - }, - { - "name" : "2007-0005", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0005" - }, - { - "name" : "USN-418-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-418-1" - }, - { - "name" : "22229", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22229" - }, - { - "name" : "oval:org.mitre.oval:def:9614", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9614" - }, - { - "name" : "ADV-2007-0349", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0349" - }, - { - "name" : "ADV-2007-1401", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1401" - }, - { - "name" : "ADV-2007-1939", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1939" - }, - { - "name" : "ADV-2007-2163", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2163" - }, - { - "name" : "ADV-2007-2315", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2315" - }, - { - "name" : "1017561", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017561" - }, - { - "name" : "23904", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23904" - }, - { - "name" : "23972", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23972" - }, - { - "name" : "23924", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23924" - }, - { - "name" : "23943", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23943" - }, - { - "name" : "23974", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23974" - }, - { - "name" : "23977", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23977" - }, - { - "name" : "24054", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24054" - }, - { - "name" : "24014", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24014" - }, - { - "name" : "24048", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24048" - }, - { - "name" : "24129", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24129" - }, - { - "name" : "24203", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24203" - }, - { - "name" : "24950", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24950" - }, - { - "name" : "24930", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24930" - }, - { - "name" : "25402", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25402" - }, - { - "name" : "25649", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25649" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to \"dereference a freed fetch context.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SSRT061273", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=305530", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=305530" + }, + { + "name": "GLSA-200702-06", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200702-06.xml" + }, + { + "name": "24129", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24129" + }, + { + "name": "24048", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24048" + }, + { + "name": "ADV-2007-1939", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1939" + }, + { + "name": "FreeBSD-SA-07:02", + "refsource": "FREEBSD", + "url": "http://security.freebsd.org/advisories/FreeBSD-SA-07:02.bind.asc" + }, + { + "name": "SSRT071304", + "refsource": "HP", + "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" + }, + { + "name": "OpenPKG-SA-2007.007", + "refsource": "OPENPKG", + "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.007.html" + }, + { + "name": "NetBSD-SA2007-003", + "refsource": "NETBSD", + "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-003.txt.asc" + }, + { + "name": "23943", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23943" + }, + { + "name": "MDKSA-2007:030", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:030" + }, + { + "name": "RHSA-2007:0057", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0057.html" + }, + { + "name": "2007-0005", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0005" + }, + { + "name": "APPLE-SA-2007-05-24", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html" + }, + { + "name": "25402", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25402" + }, + { + "name": "25649", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25649" + }, + { + "name": "24930", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24930" + }, + { + "name": "ADV-2007-2163", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2163" + }, + { + "name": "SSRT061213", + "refsource": "HP", + "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" + }, + { + "name": "FEDORA-2007-164", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2537" + }, + { + "name": "23977", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23977" + }, + { + "name": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8", + "refsource": "CONFIRM", + "url": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8" + }, + { + "name": "SSRT061239", + "refsource": "HP", + "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" + }, + { + "name": "http://www.isc.org/index.pl?/sw/bind/bind-security.php", + "refsource": "CONFIRM", + "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php" + }, + { + "name": "HPSBUX02219", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495" + }, + { + "name": "USN-418-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-418-1" + }, + { + "name": "24203", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24203" + }, + { + "name": "24014", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24014" + }, + { + "name": "24054", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24054" + }, + { + "name": "23974", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23974" + }, + { + "name": "ADV-2007-2315", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2315" + }, + { + "name": "20070125 BIND remote exploit (low severity) [Fwd: Internet Systems Consortium Security Advisory.]", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458066/100/0/threaded" + }, + { + "name": "SUSE-SA:2007:014", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0016.html" + }, + { + "name": "https://issues.rpath.com/browse/RPL-989", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-989" + }, + { + "name": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4", + "refsource": "CONFIRM", + "url": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4" + }, + { + "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488", + "refsource": "CONFIRM", + "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488" + }, + { + "name": "[bind-announce] 20070125 Internet Systems Consortium Security Advisory.", + "refsource": "MLIST", + "url": "http://marc.info/?l=bind-announce&m=116968519321296&w=2" + }, + { + "name": "ADV-2007-1401", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1401" + }, + { + "name": "FEDORA-2007-147", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2507" + }, + { + "name": "23904", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23904" + }, + { + "name": "HPSBTU02207", + "refsource": "HP", + "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" + }, + { + "name": "22229", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22229" + }, + { + "name": "ADV-2007-0349", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0349" + }, + { + "name": "20070125 BIND remote exploit (low severity) [Fwd: Internet Systems Consortium Security Advisory.]", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/052018.html" + }, + { + "name": "1017561", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017561" + }, + { + "name": "23924", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23924" + }, + { + "name": "oval:org.mitre.oval:def:9614", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9614" + }, + { + "name": "SSA:2007-026-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.494157" + }, + { + "name": "24950", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24950" + }, + { + "name": "23972", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23972" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1413.json b/2007/1xxx/CVE-2007-1413.json index 0378861e36b..5c9e3fb4858 100644 --- a/2007/1xxx/CVE-2007-1413.json +++ b/2007/1xxx/CVE-2007-1413.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1413", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the snmpget function in the snmp extension in PHP 5.2.3 and earlier, including PHP 4.4.6 and probably other PHP 4 versions, allows context-dependent attackers to execute arbitrary code via a long value in the third argument (object id)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1413", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3439", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3439" - }, - { - "name" : "4204", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4204" - }, - { - "name" : "http://retrogod.altervista.org/php_446_snmpget_local_bof.html", - "refsource" : "MISC", - "url" : "http://retrogod.altervista.org/php_446_snmpget_local_bof.html" - }, - { - "name" : "22893", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22893" - }, - { - "name" : "24440", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24440" - }, - { - "name" : "php-snmpget-function-bo(35517)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35517" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the snmpget function in the snmp extension in PHP 5.2.3 and earlier, including PHP 4.4.6 and probably other PHP 4 versions, allows context-dependent attackers to execute arbitrary code via a long value in the third argument (object id)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "php-snmpget-function-bo(35517)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35517" + }, + { + "name": "4204", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4204" + }, + { + "name": "3439", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3439" + }, + { + "name": "http://retrogod.altervista.org/php_446_snmpget_local_bof.html", + "refsource": "MISC", + "url": "http://retrogod.altervista.org/php_446_snmpget_local_bof.html" + }, + { + "name": "24440", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24440" + }, + { + "name": "22893", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22893" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1500.json b/2007/1xxx/CVE-2007-1500.json index dc7ab18a5ee..6da0407d666 100644 --- a/2007/1xxx/CVE-2007-1500.json +++ b/2007/1xxx/CVE-2007-1500.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1500", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Linux Security Auditing Tool (LSAT) allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using /tmp/lsat1.lsat." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1500", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=159542", - "refsource" : "MISC", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=159542" - }, - { - "name" : "GLSA-200703-20", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200703-20.xml" - }, - { - "name" : "23014", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23014" - }, - { - "name" : "34267", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34267" - }, - { - "name" : "24526", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24526" - }, - { - "name" : "gentoo-lsat-symlink(33057)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33057" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Linux Security Auditing Tool (LSAT) allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using /tmp/lsat1.lsat." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24526", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24526" + }, + { + "name": "23014", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23014" + }, + { + "name": "gentoo-lsat-symlink(33057)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33057" + }, + { + "name": "34267", + "refsource": "OSVDB", + "url": "http://osvdb.org/34267" + }, + { + "name": "GLSA-200703-20", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200703-20.xml" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=159542", + "refsource": "MISC", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=159542" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1789.json b/2007/1xxx/CVE-2007-1789.json index d67ab39d463..348d33f7712 100644 --- a/2007/1xxx/CVE-2007-1789.json +++ b/2007/1xxx/CVE-2007-1789.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1789", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Flyspray 0.9.9 allows remote attackers to obtain sensitive information (private project summaries) via direct requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1789", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.flyspray.org/changelog", - "refsource" : "CONFIRM", - "url" : "http://www.flyspray.org/changelog" - }, - { - "name" : "23214", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23214" - }, - { - "name" : "ADV-2007-1181", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1181" - }, - { - "name" : "34591", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34591" - }, - { - "name" : "24702", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24702" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Flyspray 0.9.9 allows remote attackers to obtain sensitive information (private project summaries) via direct requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23214", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23214" + }, + { + "name": "34591", + "refsource": "OSVDB", + "url": "http://osvdb.org/34591" + }, + { + "name": "24702", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24702" + }, + { + "name": "http://www.flyspray.org/changelog", + "refsource": "CONFIRM", + "url": "http://www.flyspray.org/changelog" + }, + { + "name": "ADV-2007-1181", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1181" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3904.json b/2007/3xxx/CVE-2007-3904.json index ab1669ec913..f96be36d3d4 100644 --- a/2007/3xxx/CVE-2007-3904.json +++ b/2007/3xxx/CVE-2007-3904.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3904", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-3904", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4455.json b/2007/4xxx/CVE-2007-4455.json index 760d8ef9fca..7c8d48343b6 100644 --- a/2007/4xxx/CVE-2007-4455.json +++ b/2007/4xxx/CVE-2007-4455.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4455", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before 1.4.11, AsteriskNOW before beta7, Asterisk Appliance Developer Kit 0.x before 0.8.0, and s800i (Asterisk Appliance) 1.x before 1.0.3 allows remote attackers to cause a denial of service (memory exhaustion) via a SIP dialog that causes a large number of history entries to be created." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4455", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070821 AST-2007-020: Resource Exhaustion Vulnerability in Asterisk SIP channel driver", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2007/Aug/0393.html" - }, - { - "name" : "http://downloads.digium.com/pub/asa/AST-2007-020.html", - "refsource" : "CONFIRM", - "url" : "http://downloads.digium.com/pub/asa/AST-2007-020.html" - }, - { - "name" : "25392", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25392" - }, - { - "name" : "ADV-2007-2953", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2953" - }, - { - "name" : "1018595", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018595" - }, - { - "name" : "26553", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26553" - }, - { - "name" : "3047", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3047" - }, - { - "name" : "asterisk-sip-dialoghistory-dos(36145)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36145" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before 1.4.11, AsteriskNOW before beta7, Asterisk Appliance Developer Kit 0.x before 0.8.0, and s800i (Asterisk Appliance) 1.x before 1.0.3 allows remote attackers to cause a denial of service (memory exhaustion) via a SIP dialog that causes a large number of history entries to be created." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3047", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3047" + }, + { + "name": "ADV-2007-2953", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2953" + }, + { + "name": "http://downloads.digium.com/pub/asa/AST-2007-020.html", + "refsource": "CONFIRM", + "url": "http://downloads.digium.com/pub/asa/AST-2007-020.html" + }, + { + "name": "25392", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25392" + }, + { + "name": "20070821 AST-2007-020: Resource Exhaustion Vulnerability in Asterisk SIP channel driver", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2007/Aug/0393.html" + }, + { + "name": "asterisk-sip-dialoghistory-dos(36145)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36145" + }, + { + "name": "26553", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26553" + }, + { + "name": "1018595", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018595" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4665.json b/2007/4xxx/CVE-2007-4665.json index 6742351d092..dbfaef1c5ee 100644 --- a/2007/4xxx/CVE-2007-4665.json +++ b/2007/4xxx/CVE-2007-4665.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4665", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to cause a denial of service (daemon crash) via an XNET session that makes multiple simultaneous requests to register events, aka CORE-1403." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4665", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=535898", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=535898" - }, - { - "name" : "http://tracker.firebirdsql.org/browse/CORE-1403", - "refsource" : "CONFIRM", - "url" : "http://tracker.firebirdsql.org/browse/CORE-1403" - }, - { - "name" : "http://www.firebirdsql.org/index.php?op=files&id=engine_202", - "refsource" : "CONFIRM", - "url" : "http://www.firebirdsql.org/index.php?op=files&id=engine_202" - }, - { - "name" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf" - }, - { - "name" : "DSA-1529", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1529" - }, - { - "name" : "25497", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25497" - }, - { - "name" : "ADV-2007-3021", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3021" - }, - { - "name" : "26615", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26615" - }, - { - "name" : "29501", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29501" - }, - { - "name" : "firebird-xnet-dos(36353)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36353" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to cause a denial of service (daemon crash) via an XNET session that makes multiple simultaneous requests to register events, aka CORE-1403." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25497", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25497" + }, + { + "name": "http://tracker.firebirdsql.org/browse/CORE-1403", + "refsource": "CONFIRM", + "url": "http://tracker.firebirdsql.org/browse/CORE-1403" + }, + { + "name": "ADV-2007-3021", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3021" + }, + { + "name": "26615", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26615" + }, + { + "name": "firebird-xnet-dos(36353)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36353" + }, + { + "name": "http://www.firebirdsql.org/index.php?op=files&id=engine_202", + "refsource": "CONFIRM", + "url": "http://www.firebirdsql.org/index.php?op=files&id=engine_202" + }, + { + "name": "29501", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29501" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=535898", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=535898" + }, + { + "name": "DSA-1529", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1529" + }, + { + "name": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf", + "refsource": "CONFIRM", + "url": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5151.json b/2014/5xxx/CVE-2014-5151.json index dd2bd2555b5..699bd0664be 100644 --- a/2014/5xxx/CVE-2014-5151.json +++ b/2014/5xxx/CVE-2014-5151.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5151", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5151", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5789.json b/2014/5xxx/CVE-2014-5789.json index cc3a304668a..78bfdb46367 100644 --- a/2014/5xxx/CVE-2014-5789.json +++ b/2014/5xxx/CVE-2014-5789.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5789", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Ninja Chicken Ooga Booga (aka mominis.Generic_Android.Ninja_Chicken_Ooga_Booga) application 1.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5789", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#890321", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/890321" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Ninja Chicken Ooga Booga (aka mominis.Generic_Android.Ninja_Chicken_Ooga_Booga) application 1.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#890321", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/890321" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2349.json b/2015/2xxx/CVE-2015-2349.json index 06d037d58e1..6867f5e7793 100644 --- a/2015/2xxx/CVE-2015-2349.json +++ b/2015/2xxx/CVE-2015-2349.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2349", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in defaultnewsletter.php in SuperWebMailer 5.60.0.01190 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTMLForm parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2349", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150310 SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Security Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Mar/55" - }, - { - "name" : "http://packetstormsecurity.com/files/130751/SuperWebMailer-5.50.0.01160-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/130751/SuperWebMailer-5.50.0.01160-Cross-Site-Scripting.html" - }, - { - "name" : "http://tetraph.com/security/xss-vulnerability/superwebmailer-5-50-0-01160-xss-cross-site-scripting-security-vulnerabilities/", - "refsource" : "MISC", - "url" : "http://tetraph.com/security/xss-vulnerability/superwebmailer-5-50-0-01160-xss-cross-site-scripting-security-vulnerabilities/" - }, - { - "name" : "73063", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73063" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in defaultnewsletter.php in SuperWebMailer 5.60.0.01190 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTMLForm parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150310 SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Security Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Mar/55" + }, + { + "name": "http://packetstormsecurity.com/files/130751/SuperWebMailer-5.50.0.01160-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/130751/SuperWebMailer-5.50.0.01160-Cross-Site-Scripting.html" + }, + { + "name": "73063", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73063" + }, + { + "name": "http://tetraph.com/security/xss-vulnerability/superwebmailer-5-50-0-01160-xss-cross-site-scripting-security-vulnerabilities/", + "refsource": "MISC", + "url": "http://tetraph.com/security/xss-vulnerability/superwebmailer-5-50-0-01160-xss-cross-site-scripting-security-vulnerabilities/" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2391.json b/2015/2xxx/CVE-2015-2391.json index 4ebba581755..5b75b9cb015 100644 --- a/2015/2xxx/CVE-2015-2391.json +++ b/2015/2xxx/CVE-2015-2391.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2391", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2391", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-065", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" - }, - { - "name" : "1032894", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032894" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032894", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032894" + }, + { + "name": "MS15-065", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2704.json b/2015/2xxx/CVE-2015-2704.json index ffe1d776d94..8b5dc011f17 100644 --- a/2015/2xxx/CVE-2015-2704.json +++ b/2015/2xxx/CVE-2015-2704.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2704", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "realmd allows remote attackers to inject arbitrary configurations in to sssd.conf and smb.conf via a newline character in an LDAP response." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2704", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.freedesktop.org/show_bug.cgi?id=89207", - "refsource" : "CONFIRM", - "url" : "https://bugs.freedesktop.org/show_bug.cgi?id=89207" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "FEDORA-2015-6387", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157358.html" - }, - { - "name" : "FEDORA-2015-6124", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155862.html" - }, - { - "name" : "73352", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73352" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "realmd allows remote attackers to inject arbitrary configurations in to sssd.conf and smb.conf via a newline character in an LDAP response." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2015-6124", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155862.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "FEDORA-2015-6387", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157358.html" + }, + { + "name": "73352", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73352" + }, + { + "name": "https://bugs.freedesktop.org/show_bug.cgi?id=89207", + "refsource": "CONFIRM", + "url": "https://bugs.freedesktop.org/show_bug.cgi?id=89207" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6721.json b/2015/6xxx/CVE-2015-6721.json index 5ddb14d6144..f081f0ed4bd 100644 --- a/2015/6xxx/CVE-2015-6721.json +++ b/2015/6xxx/CVE-2015-6721.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6721", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The CBSharedReviewSecurityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-6721", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-502", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-502" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" - }, - { - "name" : "1033796", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033796" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The CBSharedReviewSecurityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" + }, + { + "name": "1033796", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033796" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-502", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-502" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7083.json b/2015/7xxx/CVE-2015-7083.json index a8c193a5c06..10002d5f50a 100644 --- a/2015/7xxx/CVE-2015-7083.json +++ b/2015/7xxx/CVE-2015-7083.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7083", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7083", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205635", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205635" - }, - { - "name" : "https://support.apple.com/HT205637", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205637" - }, - { - "name" : "https://support.apple.com/HT205640", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205640" - }, - { - "name" : "https://support.apple.com/HT205641", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205641" - }, - { - "name" : "APPLE-SA-2015-12-08-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" - }, - { - "name" : "APPLE-SA-2015-12-08-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-12-08-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" - }, - { - "name" : "APPLE-SA-2015-12-08-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" - }, - { - "name" : "78719", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78719" - }, - { - "name" : "1034344", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205635", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205635" + }, + { + "name": "https://support.apple.com/HT205637", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205637" + }, + { + "name": "1034344", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034344" + }, + { + "name": "APPLE-SA-2015-12-08-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" + }, + { + "name": "APPLE-SA-2015-12-08-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" + }, + { + "name": "78719", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78719" + }, + { + "name": "APPLE-SA-2015-12-08-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" + }, + { + "name": "https://support.apple.com/HT205641", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205641" + }, + { + "name": "https://support.apple.com/HT205640", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205640" + }, + { + "name": "APPLE-SA-2015-12-08-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7539.json b/2015/7xxx/CVE-2015-7539.json index e452b492463..463075a2488 100644 --- a/2015/7xxx/CVE-2015-7539.json +++ b/2015/7xxx/CVE-2015-7539.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7539", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-7539", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09", - "refsource" : "CONFIRM", - "url" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09" - }, - { - "name" : "RHSA-2016:0070", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:0070" - }, - { - "name" : "RHSA-2016:0489", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0489.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09", + "refsource": "CONFIRM", + "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09" + }, + { + "name": "RHSA-2016:0489", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0489.html" + }, + { + "name": "RHSA-2016:0070", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:0070" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7640.json b/2015/7xxx/CVE-2015-7640.json index 6eae83c6a6d..c54277da950 100644 --- a/2015/7xxx/CVE-2015-7640.json +++ b/2015/7xxx/CVE-2015-7640.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7640", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7629, CVE-2015-7631, CVE-2015-7635, CVE-2015-7636, CVE-2015-7637, CVE-2015-7638, CVE-2015-7639, CVE-2015-7641, CVE-2015-7642, CVE-2015-7643, and CVE-2015-7644." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-7640", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html" - }, - { - "name" : "RHSA-2015:2024", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2024.html" - }, - { - "name" : "RHSA-2015:1893", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1893.html" - }, - { - "name" : "77061", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77061" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7629, CVE-2015-7631, CVE-2015-7635, CVE-2015-7636, CVE-2015-7637, CVE-2015-7638, CVE-2015-7639, CVE-2015-7641, CVE-2015-7642, CVE-2015-7643, and CVE-2015-7644." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:2024", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2024.html" + }, + { + "name": "77061", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77061" + }, + { + "name": "RHSA-2015:1893", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1893.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7756.json b/2015/7xxx/CVE-2015-7756.json index e2b85eff6eb..839d5800ff8 100644 --- a/2015/7xxx/CVE-2015-7756.json +++ b/2015/7xxx/CVE-2015-7756.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7756", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The encryption implementation in Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 makes it easier for remote attackers to discover the plaintext content of VPN sessions by sniffing the network for ciphertext data and conducting an unspecified decryption attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7756", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/", - "refsource" : "MISC", - "url" : "http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/" - }, - { - "name" : "http://www.forbes.com/sites/thomasbrewster/2015/12/18/juniper-says-it-didnt-work-with-government-to-add-unauthorized-code-to-network-gear/", - "refsource" : "MISC", - "url" : "http://www.forbes.com/sites/thomasbrewster/2015/12/18/juniper-says-it-didnt-work-with-government-to-add-unauthorized-code-to-network-gear/" - }, - { - "name" : "http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/", - "refsource" : "MISC", - "url" : "http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/" - }, - { - "name" : "https://adamcaudill.com/2015/12/17/much-ado-about-juniper/", - "refsource" : "MISC", - "url" : "https://adamcaudill.com/2015/12/17/much-ado-about-juniper/" - }, - { - "name" : "https://github.com/hdm/juniper-cve-2015-7755", - "refsource" : "MISC", - "url" : "https://github.com/hdm/juniper-cve-2015-7755" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713" - }, - { - "name" : "https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554", - "refsource" : "CONFIRM", - "url" : "https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554" - }, - { - "name" : "VU#640184", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/640184" - }, - { - "name" : "1034489", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034489" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The encryption implementation in Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 makes it easier for remote attackers to discover the plaintext content of VPN sessions by sniffing the network for ciphertext data and conducting an unspecified decryption attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/", + "refsource": "MISC", + "url": "http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/" + }, + { + "name": "http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/", + "refsource": "MISC", + "url": "http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/" + }, + { + "name": "1034489", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034489" + }, + { + "name": "VU#640184", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/640184" + }, + { + "name": "https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554", + "refsource": "CONFIRM", + "url": "https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554" + }, + { + "name": "https://github.com/hdm/juniper-cve-2015-7755", + "refsource": "MISC", + "url": "https://github.com/hdm/juniper-cve-2015-7755" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713" + }, + { + "name": "https://adamcaudill.com/2015/12/17/much-ado-about-juniper/", + "refsource": "MISC", + "url": "https://adamcaudill.com/2015/12/17/much-ado-about-juniper/" + }, + { + "name": "http://www.forbes.com/sites/thomasbrewster/2015/12/18/juniper-says-it-didnt-work-with-government-to-add-unauthorized-code-to-network-gear/", + "refsource": "MISC", + "url": "http://www.forbes.com/sites/thomasbrewster/2015/12/18/juniper-says-it-didnt-work-with-government-to-add-unauthorized-code-to-network-gear/" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7825.json b/2015/7xxx/CVE-2015-7825.json index 240fd8c9264..7d05dd497cb 100644 --- a/2015/7xxx/CVE-2015-7825.json +++ b/2015/7xxx/CVE-2015-7825.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7825", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7825", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://botan.randombit.net/security.html#id3", - "refsource" : "CONFIRM", - "url" : "https://botan.randombit.net/security.html#id3" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1311618", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1311618" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1311618", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311618" + }, + { + "name": "https://botan.randombit.net/security.html#id3", + "refsource": "CONFIRM", + "url": "https://botan.randombit.net/security.html#id3" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0101.json b/2016/0xxx/CVE-2016-0101.json index 5d5c9ef7f06..88037d705a8 100644 --- a/2016/0xxx/CVE-2016-0101.json +++ b/2016/0xxx/CVE-2016-0101.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0101", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka \"Windows Media Parsing Remote Code Execution Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0101", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-027", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-027" - }, - { - "name" : "84111", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84111" - }, - { - "name" : "1035200", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035200" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka \"Windows Media Parsing Remote Code Execution Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035200", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035200" + }, + { + "name": "84111", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84111" + }, + { + "name": "MS16-027", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-027" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0203.json b/2016/0xxx/CVE-2016-0203.json index b68784b397f..36dbe47e973 100644 --- a/2016/0xxx/CVE-2016-0203.json +++ b/2016/0xxx/CVE-2016-0203.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0203", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cloud Orchestrator", - "version" : { - "version_data" : [ - { - "version_value" : "2.2" - }, - { - "version_value" : "2.2.0.1" - }, - { - "version_value" : "2.3" - }, - { - "version_value" : "2.4" - }, - { - "version_value" : "2.3.0.1" - }, - { - "version_value" : "2.4.0.1" - }, - { - "version_value" : "2.4.0.2" - }, - { - "version_value" : "2.5" - }, - { - "version_value" : "2.5.0.1" - }, - { - "version_value" : "2.4.0.3" - }, - { - "version_value" : "2.5.0.2" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view background information associated with actions performed on virtual machines in projects where the user belongs to." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0203", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cloud Orchestrator", + "version": { + "version_data": [ + { + "version_value": "2.2" + }, + { + "version_value": "2.2.0.1" + }, + { + "version_value": "2.3" + }, + { + "version_value": "2.4" + }, + { + "version_value": "2.3.0.1" + }, + { + "version_value": "2.4.0.1" + }, + { + "version_value": "2.4.0.2" + }, + { + "version_value": "2.5" + }, + { + "version_value": "2.5.0.1" + }, + { + "version_value": "2.4.0.3" + }, + { + "version_value": "2.5.0.2" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg2C1000140", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg2C1000140" - }, - { - "name" : "94440", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94440" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view background information associated with actions performed on virtual machines in projects where the user belongs to." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94440", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94440" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0330.json b/2016/0xxx/CVE-2016-0330.json index 2c9e6398788..fb6784e58f9 100644 --- a/2016/0xxx/CVE-2016-0330.json +++ b/2016/0xxx/CVE-2016-0330.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0330", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles password creation, which makes it easier for remote attackers to obtain access by leveraging an attack against the password algorithm." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0330", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985736", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985736" - }, - { - "name" : "1036255", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036255" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles password creation, which makes it easier for remote attackers to obtain access by leveraging an attack against the password algorithm." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21985736", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985736" + }, + { + "name": "1036255", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036255" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0380.json b/2016/0xxx/CVE-2016-0380.json index 1d08eb98b31..c2cd0b36509 100644 --- a/2016/0xxx/CVE-2016-0380.json +++ b/2016/0xxx/CVE-2016-0380.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0380", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via standard filesystem operations." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0380", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988278", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988278" - }, - { - "name" : "IT14769", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT14769" - }, - { - "name" : "92336", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92336" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via standard filesystem operations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "92336", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92336" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21988278", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988278" + }, + { + "name": "IT14769", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT14769" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0837.json b/2016/0xxx/CVE-2016-0837.json index da210933b48..204f9d5df86 100644 --- a/2016/0xxx/CVE-2016-0837.json +++ b/2016/0xxx/CVE-2016-0837.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0837", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted media file, aka internal bug 27208621." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-0837", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-04-02.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-04-02.html" - }, - { - "name" : "https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted media file, aka internal bug 27208621." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf" + }, + { + "name": "http://source.android.com/security/bulletin/2016-04-02.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-04-02.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000178.json b/2016/1000xxx/CVE-2016-1000178.json index b3b40ed431e..e871618dd6d 100644 --- a/2016/1000xxx/CVE-2016-1000178.json +++ b/2016/1000xxx/CVE-2016-1000178.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000178", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000178", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10544.json b/2016/10xxx/CVE-2016-10544.json index c538ba37cb7..7a5c65a4d81 100644 --- a/2016/10xxx/CVE-2016-10544.json +++ b/2016/10xxx/CVE-2016-10544.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10544", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "uws node module", - "version" : { - "version_data" : [ - { - "version_value" : ">=0.10.0 <=0.10.8" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "uws is a WebSocket server library. By sending a 256mb websocket message to a uws server instance with permessage-deflate enabled, there is a possibility used compression will shrink said 256mb down to less than 16mb of websocket payload which passes the length check of 16mb payload. This data will then inflate up to 256mb and crash the node process by exceeding V8's maximum string size. This affects uws >=0.10.0 <=0.10.8." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service (CWE-400)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10544", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "uws node module", + "version": { + "version_data": [ + { + "version_value": ">=0.10.0 <=0.10.8" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/uWebSockets/uWebSockets/commit/37deefd01f0875e133ea967122e3a5e421b8fcd9", - "refsource" : "MISC", - "url" : "https://github.com/uWebSockets/uWebSockets/commit/37deefd01f0875e133ea967122e3a5e421b8fcd9" - }, - { - "name" : "https://nodesecurity.io/advisories/149", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/149" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "uws is a WebSocket server library. By sending a 256mb websocket message to a uws server instance with permessage-deflate enabled, there is a possibility used compression will shrink said 256mb down to less than 16mb of websocket payload which passes the length check of 16mb payload. This data will then inflate up to 256mb and crash the node process by exceeding V8's maximum string size. This affects uws >=0.10.0 <=0.10.8." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service (CWE-400)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/uWebSockets/uWebSockets/commit/37deefd01f0875e133ea967122e3a5e421b8fcd9", + "refsource": "MISC", + "url": "https://github.com/uWebSockets/uWebSockets/commit/37deefd01f0875e133ea967122e3a5e421b8fcd9" + }, + { + "name": "https://nodesecurity.io/advisories/149", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/149" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1164.json b/2016/1xxx/CVE-2016-1164.json index a91522b3d53..91d9291157b 100644 --- a/2016/1xxx/CVE-2016-1164.json +++ b/2016/1xxx/CVE-2016-1164.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1164", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-1164", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1175.json b/2016/1xxx/CVE-2016-1175.json index 89b7cb3add6..694a3755082 100644 --- a/2016/1xxx/CVE-2016-1175.json +++ b/2016/1xxx/CVE-2016-1175.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1175", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in AQUOS Photo Player HN-PP150 1.02.00.04 through 1.03.01.04 allows remote attackers to hijack the authentication of arbitrary users." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1175", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.sharp.co.jp/support/photoplayer/fw_update.html", - "refsource" : "CONFIRM", - "url" : "http://www.sharp.co.jp/support/photoplayer/fw_update.html" - }, - { - "name" : "JVN#47164236", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN47164236/index.html" - }, - { - "name" : "JVNDB-2016-000039", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000039" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in AQUOS Photo Player HN-PP150 1.02.00.04 through 1.03.01.04 allows remote attackers to hijack the authentication of arbitrary users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#47164236", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN47164236/index.html" + }, + { + "name": "JVNDB-2016-000039", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000039" + }, + { + "name": "http://www.sharp.co.jp/support/photoplayer/fw_update.html", + "refsource": "CONFIRM", + "url": "http://www.sharp.co.jp/support/photoplayer/fw_update.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1990.json b/2016/1xxx/CVE-2016-1990.json index 38bcada83ed..ff42361b918 100644 --- a/2016/1xxx/CVE-2016-1990.json +++ b/2016/1xxx/CVE-2016-1990.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1990", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows local users to gain privileges for command execution via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1990", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048452", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048452" - }, - { - "name" : "1035282", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035282" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows local users to gain privileges for command execution via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048452", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048452" + }, + { + "name": "1035282", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035282" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4302.json b/2016/4xxx/CVE-2016-4302.json index 5838c4b9e92..61f17982cee 100644 --- a/2016/4xxx/CVE-2016-4302.json +++ b/2016/4xxx/CVE-2016-4302.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4302", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-4302", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.talosintel.com/2016/06/the-poisoned-archives.html", - "refsource" : "MISC", - "url" : "http://blog.talosintel.com/2016/06/the-poisoned-archives.html" - }, - { - "name" : "http://www.talosintel.com/reports/TALOS-2016-0154/", - "refsource" : "MISC", - "url" : "http://www.talosintel.com/reports/TALOS-2016-0154/" - }, - { - "name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444", - "refsource" : "CONFIRM", - "url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444" - }, - { - "name" : "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700", - "refsource" : "CONFIRM", - "url" : "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700" - }, - { - "name" : "https://github.com/libarchive/libarchive/issues/719", - "refsource" : "CONFIRM", - "url" : "https://github.com/libarchive/libarchive/issues/719" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" - }, - { - "name" : "DSA-3657", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3657" - }, - { - "name" : "GLSA-201701-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-03" - }, - { - "name" : "RHSA-2016:1844", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1844.html" - }, - { - "name" : "91331", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91331" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2016:1844", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1844.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "http://blog.talosintel.com/2016/06/the-poisoned-archives.html", + "refsource": "MISC", + "url": "http://blog.talosintel.com/2016/06/the-poisoned-archives.html" + }, + { + "name": "http://www.talosintel.com/reports/TALOS-2016-0154/", + "refsource": "MISC", + "url": "http://www.talosintel.com/reports/TALOS-2016-0154/" + }, + { + "name": "https://github.com/libarchive/libarchive/issues/719", + "refsource": "CONFIRM", + "url": "https://github.com/libarchive/libarchive/issues/719" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" + }, + { + "name": "91331", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91331" + }, + { + "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444", + "refsource": "CONFIRM", + "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444" + }, + { + "name": "GLSA-201701-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-03" + }, + { + "name": "DSA-3657", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3657" + }, + { + "name": "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700", + "refsource": "CONFIRM", + "url": "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4370.json b/2016/4xxx/CVE-2016-4370.json index 62f2d6bfb1a..56c750c438b 100644 --- a/2016/4xxx/CVE-2016-4370.json +++ b/2016/4xxx/CVE-2016-4370.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4370", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HPE Project and Portfolio Management Center (PPM) 9.2x and 9.3x before 9.32.0002 allows remote authenticated users to execute arbitrary commands or obtain sensitive information via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4370", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167126", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167126" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HPE Project and Portfolio Management Center (PPM) 9.2x and 9.3x before 9.32.0002 allows remote authenticated users to execute arbitrary commands or obtain sensitive information via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167126", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167126" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4507.json b/2016/4xxx/CVE-2016-4507.json index d2448ab0ede..d9b2b4d9299 100644 --- a/2016/4xxx/CVE-2016-4507.json +++ b/2016/4xxx/CVE-2016-4507.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4507", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-4507", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-187-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-187-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-187-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-187-01" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4515.json b/2016/4xxx/CVE-2016-4515.json index fe14d72d74c..ea6b219dab0 100644 --- a/2016/4xxx/CVE-2016-4515.json +++ b/2016/4xxx/CVE-2016-4515.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4515", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-4515", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4620.json b/2016/4xxx/CVE-2016-4620.json index ab7511afd08..3a18aff5c12 100644 --- a/2016/4xxx/CVE-2016-4620.json +++ b/2016/4xxx/CVE-2016-4620.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4620", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4620", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207143", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207143" - }, - { - "name" : "APPLE-SA-2016-09-13-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-09-20-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" - }, - { - "name" : "92932", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92932" - }, - { - "name" : "1036797", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036797" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-09-20-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" + }, + { + "name": "1036797", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036797" + }, + { + "name": "APPLE-SA-2016-09-13-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html" + }, + { + "name": "92932", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92932" + }, + { + "name": "https://support.apple.com/HT207143", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207143" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4789.json b/2016/4xxx/CVE-2016-4789.json index 4aa142f1529..e88846df51a 100644 --- a/2016/4xxx/CVE-2016-4789.json +++ b/2016/4xxx/CVE-2016-4789.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4789", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the system configuration section in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4789", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40209", - "refsource" : "CONFIRM", - "url" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40209" - }, - { - "name" : "1035932", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035932" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the system configuration section in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035932", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035932" + }, + { + "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40209", + "refsource": "CONFIRM", + "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40209" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3045.json b/2019/3xxx/CVE-2019-3045.json index b1126932c56..6da908c4a16 100644 --- a/2019/3xxx/CVE-2019-3045.json +++ b/2019/3xxx/CVE-2019-3045.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3045", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3045", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3235.json b/2019/3xxx/CVE-2019-3235.json index 409af46130c..b597d72b83f 100644 --- a/2019/3xxx/CVE-2019-3235.json +++ b/2019/3xxx/CVE-2019-3235.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3235", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3235", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3285.json b/2019/3xxx/CVE-2019-3285.json index 4daa3714980..0472b585ee3 100644 --- a/2019/3xxx/CVE-2019-3285.json +++ b/2019/3xxx/CVE-2019-3285.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3285", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3285", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3697.json b/2019/3xxx/CVE-2019-3697.json index 9f97ac33762..21194c7e8e5 100644 --- a/2019/3xxx/CVE-2019-3697.json +++ b/2019/3xxx/CVE-2019-3697.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3697", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3697", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3722.json b/2019/3xxx/CVE-2019-3722.json index 25bb615afff..ce801d2cd17 100644 --- a/2019/3xxx/CVE-2019-3722.json +++ b/2019/3xxx/CVE-2019-3722.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3722", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3722", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4461.json b/2019/4xxx/CVE-2019-4461.json index 5b52664ebd0..dd6f6112786 100644 --- a/2019/4xxx/CVE-2019-4461.json +++ b/2019/4xxx/CVE-2019-4461.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4461", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4461", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4766.json b/2019/4xxx/CVE-2019-4766.json index 5bfb40f9f9b..f4ff88a64b4 100644 --- a/2019/4xxx/CVE-2019-4766.json +++ b/2019/4xxx/CVE-2019-4766.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4766", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4766", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4979.json b/2019/4xxx/CVE-2019-4979.json index 4d5b3d9fdda..bf479ef6497 100644 --- a/2019/4xxx/CVE-2019-4979.json +++ b/2019/4xxx/CVE-2019-4979.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4979", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4979", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6005.json b/2019/6xxx/CVE-2019-6005.json index 1bf2831a273..d0a1fd9de19 100644 --- a/2019/6xxx/CVE-2019-6005.json +++ b/2019/6xxx/CVE-2019-6005.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6005", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6005", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6104.json b/2019/6xxx/CVE-2019-6104.json index 85468ee5871..ca868edf043 100644 --- a/2019/6xxx/CVE-2019-6104.json +++ b/2019/6xxx/CVE-2019-6104.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6104", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6104", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6110.json b/2019/6xxx/CVE-2019-6110.json index f3441ed0c48..fbef6b5398e 100644 --- a/2019/6xxx/CVE-2019-6110.json +++ b/2019/6xxx/CVE-2019-6110.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6110", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6110", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "46193", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/46193/" - }, - { - "name" : "https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c", - "refsource" : "MISC", - "url" : "https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c" - }, - { - "name" : "https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c", - "refsource" : "MISC", - "url" : "https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c" - }, - { - "name" : "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt", - "refsource" : "MISC", - "url" : "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20190213-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20190213-0001/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security.netapp.com/advisory/ntap-20190213-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20190213-0001/" + }, + { + "name": "https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c", + "refsource": "MISC", + "url": "https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c" + }, + { + "name": "https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c", + "refsource": "MISC", + "url": "https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c" + }, + { + "name": "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt", + "refsource": "MISC", + "url": "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt" + }, + { + "name": "46193", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/46193/" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6415.json b/2019/6xxx/CVE-2019-6415.json index 5bbaeef9185..6e59e713407 100644 --- a/2019/6xxx/CVE-2019-6415.json +++ b/2019/6xxx/CVE-2019-6415.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6415", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6415", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7418.json b/2019/7xxx/CVE-2019-7418.json index 4cc531cf196..00be095142b 100644 --- a/2019/7xxx/CVE-2019-7418.json +++ b/2019/7xxx/CVE-2019-7418.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7418", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7418", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7712.json b/2019/7xxx/CVE-2019-7712.json index ddc79770e00..ac24031ce78 100644 --- a/2019/7xxx/CVE-2019-7712.json +++ b/2019/7xxx/CVE-2019-7712.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7712", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7712", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7956.json b/2019/7xxx/CVE-2019-7956.json index 17a257b5dce..43540625986 100644 --- a/2019/7xxx/CVE-2019-7956.json +++ b/2019/7xxx/CVE-2019-7956.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7956", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7956", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8089.json b/2019/8xxx/CVE-2019-8089.json index b838d6d102c..830a79816cf 100644 --- a/2019/8xxx/CVE-2019-8089.json +++ b/2019/8xxx/CVE-2019-8089.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8089", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8089", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8128.json b/2019/8xxx/CVE-2019-8128.json index 74c995af827..203d54fc2ce 100644 --- a/2019/8xxx/CVE-2019-8128.json +++ b/2019/8xxx/CVE-2019-8128.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8128", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8128", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8605.json b/2019/8xxx/CVE-2019-8605.json index 377c4137f61..bdf52ecc099 100644 --- a/2019/8xxx/CVE-2019-8605.json +++ b/2019/8xxx/CVE-2019-8605.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8605", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8605", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8834.json b/2019/8xxx/CVE-2019-8834.json index 671d23113e3..9d94c7509a1 100644 --- a/2019/8xxx/CVE-2019-8834.json +++ b/2019/8xxx/CVE-2019-8834.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8834", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8834", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9332.json b/2019/9xxx/CVE-2019-9332.json index c907bbdd124..19b169de12e 100644 --- a/2019/9xxx/CVE-2019-9332.json +++ b/2019/9xxx/CVE-2019-9332.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9332", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9332", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9338.json b/2019/9xxx/CVE-2019-9338.json index ab483bc6c11..7e4cf1fe916 100644 --- a/2019/9xxx/CVE-2019-9338.json +++ b/2019/9xxx/CVE-2019-9338.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9338", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9338", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file