From 227f81c85d888acdae48568a1d9075f535d42abd Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 02:49:18 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/2xxx/CVE-2007-2261.json | 150 ++-- 2007/2xxx/CVE-2007-2359.json | 170 ++-- 2007/2xxx/CVE-2007-2398.json | 230 +++--- 2007/2xxx/CVE-2007-2537.json | 170 ++-- 2007/3xxx/CVE-2007-3142.json | 190 ++--- 2007/4xxx/CVE-2007-4059.json | 230 +++--- 2007/4xxx/CVE-2007-4856.json | 34 +- 2007/6xxx/CVE-2007-6426.json | 170 ++-- 2007/6xxx/CVE-2007-6750.json | 230 +++--- 2010/1xxx/CVE-2010-1235.json | 140 ++-- 2010/1xxx/CVE-2010-1505.json | 170 ++-- 2010/1xxx/CVE-2010-1652.json | 160 ++-- 2010/1xxx/CVE-2010-1814.json | 310 +++---- 2010/1xxx/CVE-2010-1831.json | 140 ++-- 2010/5xxx/CVE-2010-5233.json | 130 +-- 2014/0xxx/CVE-2014-0076.json | 760 +++++++++--------- 2014/0xxx/CVE-2014-0118.json | 360 ++++----- 2014/0xxx/CVE-2014-0815.json | 160 ++-- 2014/1xxx/CVE-2014-1465.json | 34 +- 2014/1xxx/CVE-2014-1526.json | 220 ++--- 2014/1xxx/CVE-2014-1563.json | 240 +++--- 2014/1xxx/CVE-2014-1700.json | 180 ++--- 2014/1xxx/CVE-2014-1763.json | 170 ++-- 2014/5xxx/CVE-2014-5116.json | 140 ++-- 2014/5xxx/CVE-2014-5265.json | 170 ++-- 2014/5xxx/CVE-2014-5903.json | 140 ++-- 2015/2xxx/CVE-2015-2084.json | 160 ++-- 2015/2xxx/CVE-2015-2404.json | 130 +-- 2015/2xxx/CVE-2015-2731.json | 250 +++--- 2015/2xxx/CVE-2015-2985.json | 130 +-- 2016/10xxx/CVE-2016-10153.json | 170 ++-- 2016/10xxx/CVE-2016-10378.json | 120 +-- 2016/10xxx/CVE-2016-10644.json | 122 +-- 2016/4xxx/CVE-2016-4451.json | 150 ++-- 2016/4xxx/CVE-2016-4731.json | 170 ++-- 2016/8xxx/CVE-2016-8002.json | 34 +- 2016/8xxx/CVE-2016-8118.json | 34 +- 2016/8xxx/CVE-2016-8336.json | 34 +- 2016/8xxx/CVE-2016-8919.json | 1376 ++++++++++++++++---------------- 2016/9xxx/CVE-2016-9254.json | 34 +- 2016/9xxx/CVE-2016-9305.json | 130 +-- 2016/9xxx/CVE-2016-9345.json | 140 ++-- 2016/9xxx/CVE-2016-9454.json | 140 ++-- 2019/2xxx/CVE-2019-2070.json | 34 +- 2019/2xxx/CVE-2019-2195.json | 34 +- 2019/2xxx/CVE-2019-2371.json | 34 +- 2019/2xxx/CVE-2019-2878.json | 34 +- 2019/2xxx/CVE-2019-2943.json | 34 +- 2019/3xxx/CVE-2019-3157.json | 34 +- 2019/3xxx/CVE-2019-3414.json | 34 +- 2019/6xxx/CVE-2019-6472.json | 34 +- 2019/6xxx/CVE-2019-6485.json | 140 ++-- 2019/6xxx/CVE-2019-6855.json | 34 +- 2019/7xxx/CVE-2019-7002.json | 34 +- 2019/7xxx/CVE-2019-7208.json | 34 +- 2019/7xxx/CVE-2019-7915.json | 34 +- 56 files changed, 4535 insertions(+), 4535 deletions(-) diff --git a/2007/2xxx/CVE-2007-2261.json b/2007/2xxx/CVE-2007-2261.json index 8f92726d00a..a770d48784e 100644 --- a/2007/2xxx/CVE-2007-2261.json +++ b/2007/2xxx/CVE-2007-2261.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2261", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in espaces/communiques/annotations.php in C-Arbre 0.6PR7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter, a different vector than CVE-2007-1721." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2261", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070422 c-arbre <= Multiple Remote File Include Vulnerablitiy", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/466682/100/0/threaded" - }, - { - "name" : "35635", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35635" - }, - { - "name" : "2625", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2625" - }, - { - "name" : "carbre-annotations-file-include(33816)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33816" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in espaces/communiques/annotations.php in C-Arbre 0.6PR7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter, a different vector than CVE-2007-1721." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070422 c-arbre <= Multiple Remote File Include Vulnerablitiy", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/466682/100/0/threaded" + }, + { + "name": "2625", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2625" + }, + { + "name": "carbre-annotations-file-include(33816)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33816" + }, + { + "name": "35635", + "refsource": "OSVDB", + "url": "http://osvdb.org/35635" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2359.json b/2007/2xxx/CVE-2007-2359.json index 5316e767ff5..0cc48fe49d8 100644 --- a/2007/2xxx/CVE-2007-2359.json +++ b/2007/2xxx/CVE-2007-2359.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2359", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2359", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519" - }, - { - "name" : "http://www.symantec.com/avcenter/security/Content/2007.04.26.html", - "refsource" : "CONFIRM", - "url" : "http://www.symantec.com/avcenter/security/Content/2007.04.26.html" - }, - { - "name" : "ADV-2007-1552", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1552" - }, - { - "name" : "1017971", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017971" - }, - { - "name" : "25013", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25013" - }, - { - "name" : "symantec-backup-unspecified-bo(33931)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33931" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, allows local users to gain privileges via a long string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1017971", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017971" + }, + { + "name": "ADV-2007-1552", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1552" + }, + { + "name": "symantec-backup-unspecified-bo(33931)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33931" + }, + { + "name": "20070426 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=519" + }, + { + "name": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html", + "refsource": "CONFIRM", + "url": "http://www.symantec.com/avcenter/security/Content/2007.04.26.html" + }, + { + "name": "25013", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25013" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2398.json b/2007/2xxx/CVE-2007-2398.json index 9ff77ba48e7..8016a73ada3 100644 --- a/2007/2xxx/CVE-2007-2398.json +++ b/2007/2xxx/CVE-2007-2398.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2398", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apple Safari 3.0.1 beta (522.12.12) on Windows allows remote attackers to modify the window title and address bar while filling the main window with arbitrary content by setting the location bar and using setTimeout() to create an event that modifies the window content, which could facilitate phishing attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2398", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070614 Re: Apple Safari: urlbar/window title spoofing", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0311.html" - }, - { - "name" : "20070614 Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/471452/100/0/threaded" - }, - { - "name" : "20070615 Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/471454/100/0/threaded" - }, - { - "name" : "http://support.apple.com/kb/HT1467", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT1467" - }, - { - "name" : "APPLE-SA-2007-06-22", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2007/Jun/msg00004.html" - }, - { - "name" : "APPLE-SA-2008-04-16", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008/Apr/msg00001.html" - }, - { - "name" : "24484", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24484" - }, - { - "name" : "38862", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38862" - }, - { - "name" : "ADV-2007-2316", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2316" - }, - { - "name" : "1018282", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018282" - }, - { - "name" : "ADV-2008-0979", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0979/references" - }, - { - "name" : "safari-addressbar-spoofing(35050)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35050" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apple Safari 3.0.1 beta (522.12.12) on Windows allows remote attackers to modify the window title and address bar while filling the main window with arbitrary content by setting the location bar and using setTimeout() to create an event that modifies the window content, which could facilitate phishing attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38862", + "refsource": "OSVDB", + "url": "http://osvdb.org/38862" + }, + { + "name": "http://support.apple.com/kb/HT1467", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT1467" + }, + { + "name": "ADV-2007-2316", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2316" + }, + { + "name": "ADV-2008-0979", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0979/references" + }, + { + "name": "APPLE-SA-2007-06-22", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2007/Jun/msg00004.html" + }, + { + "name": "APPLE-SA-2008-04-16", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008/Apr/msg00001.html" + }, + { + "name": "1018282", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018282" + }, + { + "name": "20070614 Re: Apple Safari: urlbar/window title spoofing", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0311.html" + }, + { + "name": "safari-addressbar-spoofing(35050)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35050" + }, + { + "name": "20070614 Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/471452/100/0/threaded" + }, + { + "name": "24484", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24484" + }, + { + "name": "20070615 Re: [Full-disclosure] Apple Safari: urlbar/window title spoofing", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/471454/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2537.json b/2007/2xxx/CVE-2007-2537.json index 5214b52324d..add12ad1f19 100644 --- a/2007/2xxx/CVE-2007-2537.json +++ b/2007/2xxx/CVE-2007-2537.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2537", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in mainfile.php in NPDS 5.10 and earlier allow remote authenticated users to execute arbitrary SQL commands via a (1) nickname or (2) Id in a cookie, or (3) the X-Forwarded-For (X_FORWARDED_FOR) HTTP header." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2537", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070504 NPDS <= 5.10 - Multiple SQL injections", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/467696/100/0/threaded" - }, - { - "name" : "http://www.aeroxteam.fr/exploit-NPDS-5.10.txt", - "refsource" : "MISC", - "url" : "http://www.aeroxteam.fr/exploit-NPDS-5.10.txt" - }, - { - "name" : "23831", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23831" - }, - { - "name" : "36195", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36195" - }, - { - "name" : "2670", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2670" - }, - { - "name" : "npds-mainfile-sql-injection(34109)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34109" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in mainfile.php in NPDS 5.10 and earlier allow remote authenticated users to execute arbitrary SQL commands via a (1) nickname or (2) Id in a cookie, or (3) the X-Forwarded-For (X_FORWARDED_FOR) HTTP header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2670", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2670" + }, + { + "name": "http://www.aeroxteam.fr/exploit-NPDS-5.10.txt", + "refsource": "MISC", + "url": "http://www.aeroxteam.fr/exploit-NPDS-5.10.txt" + }, + { + "name": "23831", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23831" + }, + { + "name": "20070504 NPDS <= 5.10 - Multiple SQL injections", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/467696/100/0/threaded" + }, + { + "name": "36195", + "refsource": "OSVDB", + "url": "http://osvdb.org/36195" + }, + { + "name": "npds-mainfile-sql-injection(34109)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34109" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3142.json b/2007/3xxx/CVE-2007-3142.json index fee68eaa29f..c2b610319a9 100644 --- a/2007/3xxx/CVE-2007-3142.json +++ b/2007/3xxx/CVE-2007-3142.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3142", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Visual truncation vulnerability in Opera 9.21 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after 34 characters, as demonstrated by a phishing attack using HTTP Basic Authentication." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3142", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://testing.bitsploit.de/test.html", - "refsource" : "MISC", - "url" : "http://testing.bitsploit.de/test.html" - }, - { - "name" : "http://www.0x000000.com/?i=334", - "refsource" : "MISC", - "url" : "http://www.0x000000.com/?i=334" - }, - { - "name" : "GLSA-200708-17", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200708-17.xml" - }, - { - "name" : "SUSE-SR:2007:015", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_15_sr.html" - }, - { - "name" : "24352", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24352" - }, - { - "name" : "43463", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43463" - }, - { - "name" : "26545", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26545" - }, - { - "name" : "multiple-basic-authentication-spoofing(34983)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Visual truncation vulnerability in Opera 9.21 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after 34 characters, as demonstrated by a phishing attack using HTTP Basic Authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43463", + "refsource": "OSVDB", + "url": "http://osvdb.org/43463" + }, + { + "name": "24352", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24352" + }, + { + "name": "GLSA-200708-17", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200708-17.xml" + }, + { + "name": "multiple-basic-authentication-spoofing(34983)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983" + }, + { + "name": "26545", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26545" + }, + { + "name": "SUSE-SR:2007:015", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html" + }, + { + "name": "http://testing.bitsploit.de/test.html", + "refsource": "MISC", + "url": "http://testing.bitsploit.de/test.html" + }, + { + "name": "http://www.0x000000.com/?i=334", + "refsource": "MISC", + "url": "http://www.0x000000.com/?i=334" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4059.json b/2007/4xxx/CVE-2007-4059.json index 0f9f90ed550..493b469e10b 100644 --- a/2007/4xxx/CVE-2007-4059.json +++ b/2007/4xxx/CVE-2007-4059.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4059", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Absolute path traversal vulnerability in a certain ActiveX control in IntraProcessLogging.dll 5.5.3.42958 in EMC VMware allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SetLogFileName method." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4059", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html" - }, - { - "name" : "4240", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4240" - }, - { - "name" : "http://www.vmware.com/support/ace/doc/releasenotes_ace.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ace/doc/releasenotes_ace.html" - }, - { - "name" : "http://www.vmware.com/support/player/doc/releasenotes_player.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/player/doc/releasenotes_player.html" - }, - { - "name" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" - }, - { - "name" : "http://www.vmware.com/support/server/doc/releasenotes_server.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/server/doc/releasenotes_server.html" - }, - { - "name" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" - }, - { - "name" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" - }, - { - "name" : "25110", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25110" - }, - { - "name" : "ADV-2007-3229", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3229" - }, - { - "name" : "26890", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26890" - }, - { - "name" : "vmware-intraprocesslogging-file-overwrite(35675)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35675" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Absolute path traversal vulnerability in a certain ActiveX control in IntraProcessLogging.dll 5.5.3.42958 in EMC VMware allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SetLogFileName method." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html" + }, + { + "name": "ADV-2007-3229", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3229" + }, + { + "name": "25110", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25110" + }, + { + "name": "4240", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4240" + }, + { + "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" + }, + { + "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" + }, + { + "name": "26890", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26890" + }, + { + "name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html" + }, + { + "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" + }, + { + "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" + }, + { + "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" + }, + { + "name": "vmware-intraprocesslogging-file-overwrite(35675)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35675" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4856.json b/2007/4xxx/CVE-2007-4856.json index 1f9935417f5..52d809d843e 100644 --- a/2007/4xxx/CVE-2007-4856.json +++ b/2007/4xxx/CVE-2007-4856.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4856", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4856", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6426.json b/2007/6xxx/CVE-2007-6426.json index 6076fcae5dc..b7ca232c743 100644 --- a/2007/6xxx/CVE-2007-6426.json +++ b/2007/6xxx/CVE-2007-6426.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6426", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6426", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080219 EMC RepliStor Multiple Heap Overflow Vulnerabilities", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=664" - }, - { - "name" : "20080220 Re: iDefense Security Advisory 02.19.08: EMC RepliStor Multiple Heap Overflow Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/488419/100/0/threaded" - }, - { - "name" : "27915", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27915" - }, - { - "name" : "ADV-2008-0625", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0625" - }, - { - "name" : "1019457", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019457" - }, - { - "name" : "29011", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29011" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1019457", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019457" + }, + { + "name": "ADV-2008-0625", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0625" + }, + { + "name": "27915", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27915" + }, + { + "name": "20080219 EMC RepliStor Multiple Heap Overflow Vulnerabilities", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=664" + }, + { + "name": "20080220 Re: iDefense Security Advisory 02.19.08: EMC RepliStor Multiple Heap Overflow Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/488419/100/0/threaded" + }, + { + "name": "29011", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29011" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6750.json b/2007/6xxx/CVE-2007-6750.json index ea0e608f13c..aa3dfdbd8ab 100644 --- a/2007/6xxx/CVE-2007-6750.json +++ b/2007/6xxx/CVE-2007-6750.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6750", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6750", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070105 Re: a cheesy Apache / IIS DoS vuln (+a question)", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2007-01/0229.html" - }, - { - "name" : "http://ha.ckers.org/slowloris/", - "refsource" : "MISC", - "url" : "http://ha.ckers.org/slowloris/" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" - }, - { - "name" : "HPSBUX02866", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136612293908376&w=2" - }, - { - "name" : "SSRT101139", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=136612293908376&w=2" - }, - { - "name" : "openSUSE-SU-2012:0314", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00026.html" - }, - { - "name" : "SUSE-SU-2012:0323", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00002.html" - }, - { - "name" : "21865", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21865" - }, - { - "name" : "oval:org.mitre.oval:def:19481", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19481" - }, - { - "name" : "1038144", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038144" - }, - { - "name" : "apache-server-http-dos(72345)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72345" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SSRT101139", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2" + }, + { + "name": "1038144", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038144" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" + }, + { + "name": "http://ha.ckers.org/slowloris/", + "refsource": "MISC", + "url": "http://ha.ckers.org/slowloris/" + }, + { + "name": "20070105 Re: a cheesy Apache / IIS DoS vuln (+a question)", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2007-01/0229.html" + }, + { + "name": "oval:org.mitre.oval:def:19481", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19481" + }, + { + "name": "apache-server-http-dos(72345)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72345" + }, + { + "name": "HPSBUX02866", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2" + }, + { + "name": "openSUSE-SU-2012:0314", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00026.html" + }, + { + "name": "21865", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21865" + }, + { + "name": "SUSE-SU-2012:0323", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00002.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1235.json b/2010/1xxx/CVE-2010-1235.json index 288d9ec4e84..b5c4f507ca3 100644 --- a/2010/1xxx/CVE-2010-1235.json +++ b/2010/1xxx/CVE-2010-1235.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1235", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to trigger the omission of a download warning dialog via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1235", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=37007", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=37007" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html" - }, - { - "name" : "oval:org.mitre.oval:def:14297", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14297" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to trigger the omission of a download warning dialog via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://code.google.com/p/chromium/issues/detail?id=37007", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=37007" + }, + { + "name": "http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html" + }, + { + "name": "oval:org.mitre.oval:def:14297", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14297" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1505.json b/2010/1xxx/CVE-2010-1505.json index eee78cd12b5..43474192b8d 100644 --- a/2010/1xxx/CVE-2010-1505.json +++ b/2010/1xxx/CVE-2010-1505.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1505", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page's privileges, which has unknown impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1505", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.chromium.org/40575", - "refsource" : "CONFIRM", - "url" : "http://bugs.chromium.org/40575" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html" - }, - { - "name" : "39603", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39603" - }, - { - "name" : "63997", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/63997" - }, - { - "name" : "oval:org.mitre.oval:def:11866", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11866" - }, - { - "name" : "39544", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39544" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page's privileges, which has unknown impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "63997", + "refsource": "OSVDB", + "url": "http://osvdb.org/63997" + }, + { + "name": "39603", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39603" + }, + { + "name": "39544", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39544" + }, + { + "name": "http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html" + }, + { + "name": "oval:org.mitre.oval:def:11866", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11866" + }, + { + "name": "http://bugs.chromium.org/40575", + "refsource": "CONFIRM", + "url": "http://bugs.chromium.org/40575" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1652.json b/2010/1xxx/CVE-2010-1652.json index e2940e95afc..83fa32c9680 100644 --- a/2010/1xxx/CVE-2010-1652.json +++ b/2010/1xxx/CVE-2010-1652.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1652", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the HelpCenter module in Help Center Live (HCL) 2.0.6 and 2.1.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the file parameter to module.php. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1652", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/1004-exploits/helpcenterlive-lfi.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1004-exploits/helpcenterlive-lfi.txt" - }, - { - "name" : "12421", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/12421" - }, - { - "name" : "39732", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39732" - }, - { - "name" : "39615", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39615" - }, - { - "name" : "ADV-2010-1009", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1009" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the HelpCenter module in Help Center Live (HCL) 2.0.6 and 2.1.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the file parameter to module.php. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2010-1009", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1009" + }, + { + "name": "39615", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39615" + }, + { + "name": "12421", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/12421" + }, + { + "name": "http://packetstormsecurity.org/1004-exploits/helpcenterlive-lfi.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1004-exploits/helpcenterlive-lfi.txt" + }, + { + "name": "39732", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39732" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1814.json b/2010/1xxx/CVE-2010-1814.json index 5e5dd3d7e17..9582972c625 100644 --- a/2010/1xxx/CVE-2010-1814.json +++ b/2010/1xxx/CVE-2010-1814.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1814", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2010-1814", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4334", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4334" - }, - { - "name" : "http://support.apple.com/kb/HT4455", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4455" - }, - { - "name" : "http://support.apple.com/kb/HT4456", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4456" - }, - { - "name" : "APPLE-SA-2010-09-08-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html" - }, - { - "name" : "APPLE-SA-2010-11-18-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html" - }, - { - "name" : "APPLE-SA-2010-11-22-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" - }, - { - "name" : "MDVSA-2011:039", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" - }, - { - "name" : "RHSA-2011:0177", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0177.html" - }, - { - "name" : "SUSE-SR:2011:002", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" - }, - { - "name" : "USN-1006-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1006-1" - }, - { - "name" : "43083", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/43083" - }, - { - "name" : "41856", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41856" - }, - { - "name" : "42314", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42314" - }, - { - "name" : "43068", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43068" - }, - { - "name" : "43086", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43086" - }, - { - "name" : "ADV-2010-2722", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2722" - }, - { - "name" : "ADV-2011-0212", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0212" - }, - { - "name" : "ADV-2011-0216", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0216" - }, - { - "name" : "ADV-2011-0552", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0552" - }, - { - "name" : "appleios-formmenus-code-exec(61701)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/61701" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDVSA-2011:039", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" + }, + { + "name": "ADV-2010-2722", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2722" + }, + { + "name": "43068", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43068" + }, + { + "name": "APPLE-SA-2010-09-08-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Sep/msg00002.html" + }, + { + "name": "http://support.apple.com/kb/HT4334", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4334" + }, + { + "name": "USN-1006-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1006-1" + }, + { + "name": "http://support.apple.com/kb/HT4455", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4455" + }, + { + "name": "41856", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41856" + }, + { + "name": "ADV-2011-0212", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0212" + }, + { + "name": "ADV-2011-0216", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0216" + }, + { + "name": "43086", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43086" + }, + { + "name": "SUSE-SR:2011:002", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" + }, + { + "name": "APPLE-SA-2010-11-18-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html" + }, + { + "name": "appleios-formmenus-code-exec(61701)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61701" + }, + { + "name": "42314", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42314" + }, + { + "name": "RHSA-2011:0177", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0177.html" + }, + { + "name": "ADV-2011-0552", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0552" + }, + { + "name": "43083", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/43083" + }, + { + "name": "http://support.apple.com/kb/HT4456", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4456" + }, + { + "name": "APPLE-SA-2010-11-22-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1831.json b/2010/1xxx/CVE-2010-1831.json index cb60769ff13..1bf23c3b290 100644 --- a/2010/1xxx/CVE-2010-1831.json +++ b/2010/1xxx/CVE-2010-1831.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1831", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a long name of an embedded font in a document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2010-1831", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4435", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4435" - }, - { - "name" : "APPLE-SA-2010-11-10-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" - }, - { - "name" : "1024723", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1024723" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code via a long name of an embedded font in a document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1024723", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1024723" + }, + { + "name": "http://support.apple.com/kb/HT4435", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4435" + }, + { + "name": "APPLE-SA-2010-11-10-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5233.json b/2010/5xxx/CVE-2010-5233.json index 60b33e267ee..d5ad18f147f 100644 --- a/2010/5xxx/CVE-2010-5233.json +++ b/2010/5xxx/CVE-2010-5233.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5233", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in Virtual DJ 6.1.2 Trial b301 allows local users to gain privileges via a Trojan horse HDJAPI.dll file in the current working directory, as demonstrated by a directory that contains a .mp3 file. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5233", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/", - "refsource" : "MISC", - "url" : "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/" - }, - { - "name" : "41115", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41115" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in Virtual DJ 6.1.2 Trial b301 allows local users to gain privileges via a Trojan horse HDJAPI.dll file in the current working directory, as demonstrated by a directory that contains a .mp3 file. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/", + "refsource": "MISC", + "url": "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/" + }, + { + "name": "41115", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41115" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0076.json b/2014/0xxx/CVE-2014-0076.json index 91bc5bd0f31..56222ba9f2f 100644 --- a/2014/0xxx/CVE-2014-0076.json +++ b/2014/0xxx/CVE-2014-0076.json @@ -1,382 +1,382 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0076", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-0076", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://eprint.iacr.org/2014/140", - "refsource" : "MISC", - "url" : "http://eprint.iacr.org/2014/140" - }, - { - "name" : "http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2198be3483259de374f91e57d247d0fc667aef29", - "refsource" : "CONFIRM", - "url" : "http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2198be3483259de374f91e57d247d0fc667aef29" - }, - { - "name" : "https://bugs.gentoo.org/show_bug.cgi?id=505278", - "refsource" : "CONFIRM", - "url" : "https://bugs.gentoo.org/show_bug.cgi?id=505278" - }, - { - "name" : "https://bugzilla.novell.com/show_bug.cgi?id=869945", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.novell.com/show_bug.cgi?id=869945" - }, - { - "name" : "http://www.openssl.org/news/secadv_20140605.txt", - "refsource" : "CONFIRM", - "url" : "http://www.openssl.org/news/secadv_20140605.txt" - }, - { - "name" : "http://advisories.mageia.org/MGASA-2014-0165.html", - "refsource" : "CONFIRM", - "url" : "http://advisories.mageia.org/MGASA-2014-0165.html" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676035" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676062" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676419" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676424", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676424" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676655" - }, - { - "name" : "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", - "refsource" : "CONFIRM", - "url" : "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm" - }, - { - "name" : "http://www.novell.com/support/kb/doc.php?id=7015264", - "refsource" : "CONFIRM", - "url" : "http://www.novell.com/support/kb/doc.php?id=7015264" - }, - { - "name" : "http://www.novell.com/support/kb/doc.php?id=7015300", - "refsource" : "CONFIRM", - "url" : "http://www.novell.com/support/kb/doc.php?id=7015300" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10075" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21673137" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21677828" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21677695" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=isg400001841" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=isg400001843" - }, - { - "name" : "http://support.apple.com/kb/HT6443", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT6443" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676092", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676092" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676501", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676501" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" - }, - { - "name" : "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl" - }, - { - "name" : "HPSBGN03050", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140482916501310&w=2" - }, - { - "name" : "HPSBMU03051", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140448122410568&w=2" - }, - { - "name" : "HPSBMU03056", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140389355508263&w=2" - }, - { - "name" : "HPSBMU03057", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140389274407904&w=2" - }, - { - "name" : "HPSBMU03062", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140752315422991&w=2" - }, - { - "name" : "HPSBMU03074", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140621259019789&w=2" - }, - { - "name" : "HPSBMU03076", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140904544427729&w=2" - }, - { - "name" : "HPSBOV03047", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140317760000786&w=2" - }, - { - "name" : "HPSBUX03046", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140266410314613&w=2" - }, - { - "name" : "SSRT101590", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140266410314613&w=2" - }, - { - "name" : "MDVSA-2014:067", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2014:067" - }, - { - "name" : "MDVSA-2015:062", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" - }, - { - "name" : "openSUSE-SU-2016:0640", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" - }, - { - "name" : "openSUSE-SU-2014:0480", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html" - }, - { - "name" : "USN-2165-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2165-1" - }, - { - "name" : "66363", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/66363" - }, - { - "name" : "58727", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58727" - }, - { - "name" : "58939", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58939" - }, - { - "name" : "59162", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59162" - }, - { - "name" : "59300", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59300" - }, - { - "name" : "59438", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59438" - }, - { - "name" : "59450", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59450" - }, - { - "name" : "59495", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59495" - }, - { - "name" : "59514", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59514" - }, - { - "name" : "59490", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59490" - }, - { - "name" : "59655", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59655" - }, - { - "name" : "59721", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59721" - }, - { - "name" : "59413", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59413" - }, - { - "name" : "60571", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60571" - }, - { - "name" : "59445", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59445" - }, - { - "name" : "58492", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58492" - }, - { - "name" : "59040", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59040" - }, - { - "name" : "59175", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59175" - }, - { - "name" : "59264", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59264" - }, - { - "name" : "59364", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59364" - }, - { - "name" : "59374", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59374" - }, - { - "name" : "59454", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59454" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.novell.com/support/kb/doc.php?id=7015300", + "refsource": "CONFIRM", + "url": "http://www.novell.com/support/kb/doc.php?id=7015300" + }, + { + "name": "59264", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59264" + }, + { + "name": "59454", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59454" + }, + { + "name": "66363", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/66363" + }, + { + "name": "58492", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58492" + }, + { + "name": "http://www.novell.com/support/kb/doc.php?id=7015264", + "refsource": "CONFIRM", + "url": "http://www.novell.com/support/kb/doc.php?id=7015264" + }, + { + "name": "https://bugs.gentoo.org/show_bug.cgi?id=505278", + "refsource": "CONFIRM", + "url": "https://bugs.gentoo.org/show_bug.cgi?id=505278" + }, + { + "name": "59445", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59445" + }, + { + "name": "HPSBUX03046", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140266410314613&w=2" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092" + }, + { + "name": "http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2198be3483259de374f91e57d247d0fc667aef29", + "refsource": "CONFIRM", + "url": "http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2198be3483259de374f91e57d247d0fc667aef29" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946" + }, + { + "name": "HPSBOV03047", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140317760000786&w=2" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828" + }, + { + "name": "HPSBMU03074", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140621259019789&w=2" + }, + { + "name": "59300", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59300" + }, + { + "name": "http://advisories.mageia.org/MGASA-2014-0165.html", + "refsource": "CONFIRM", + "url": "http://advisories.mageia.org/MGASA-2014-0165.html" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695" + }, + { + "name": "openSUSE-SU-2014:0480", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html" + }, + { + "name": "59495", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59495" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841" + }, + { + "name": "openSUSE-SU-2016:0640", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" + }, + { + "name": "59655", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59655" + }, + { + "name": "59374", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59374" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" + }, + { + "name": "HPSBMU03057", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140389274407904&w=2" + }, + { + "name": "58939", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58939" + }, + { + "name": "SSRT101590", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140266410314613&w=2" + }, + { + "name": "59514", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59514" + }, + { + "name": "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10075", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10075" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419" + }, + { + "name": "59438", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59438" + }, + { + "name": "HPSBGN03050", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140482916501310&w=2" + }, + { + "name": "58727", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58727" + }, + { + "name": "http://www.openssl.org/news/secadv_20140605.txt", + "refsource": "CONFIRM", + "url": "http://www.openssl.org/news/secadv_20140605.txt" + }, + { + "name": "http://support.apple.com/kb/HT6443", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT6443" + }, + { + "name": "USN-2165-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2165-1" + }, + { + "name": "HPSBMU03076", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140904544427729&w=2" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629" + }, + { + "name": "MDVSA-2014:067", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:067" + }, + { + "name": "HPSBMU03062", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140752315422991&w=2" + }, + { + "name": "https://bugzilla.novell.com/show_bug.cgi?id=869945", + "refsource": "CONFIRM", + "url": "https://bugzilla.novell.com/show_bug.cgi?id=869945" + }, + { + "name": "59040", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59040" + }, + { + "name": "HPSBMU03056", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140389355508263&w=2" + }, + { + "name": "59175", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59175" + }, + { + "name": "HPSBMU03051", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140448122410568&w=2" + }, + { + "name": "59413", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59413" + }, + { + "name": "59721", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59721" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137" + }, + { + "name": "MDVSA-2015:062", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035" + }, + { + "name": "59450", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59450" + }, + { + "name": "59364", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59364" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676424", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676424" + }, + { + "name": "60571", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60571" + }, + { + "name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm", + "refsource": "CONFIRM", + "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm" + }, + { + "name": "59162", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59162" + }, + { + "name": "59490", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59490" + }, + { + "name": "http://eprint.iacr.org/2014/140", + "refsource": "MISC", + "url": "http://eprint.iacr.org/2014/140" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0118.json b/2014/0xxx/CVE-2014-0118.json index f297d662533..86b90b97193 100644 --- a/2014/0xxx/CVE-2014-0118.json +++ b/2014/0xxx/CVE-2014-0118.json @@ -1,182 +1,182 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0118", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-0118", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://httpd.apache.org/security/vulnerabilities_24.html", - "refsource" : "CONFIRM", - "url" : "http://httpd.apache.org/security/vulnerabilities_24.html" - }, - { - "name" : "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c", - "refsource" : "CONFIRM", - "url" : "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c" - }, - { - "name" : "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h", - "refsource" : "CONFIRM", - "url" : "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1120601", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1120601" - }, - { - "name" : "http://advisories.mageia.org/MGASA-2014-0304.html", - "refsource" : "CONFIRM", - "url" : "http://advisories.mageia.org/MGASA-2014-0304.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" - }, - { - "name" : "http://advisories.mageia.org/MGASA-2014-0305.html", - "refsource" : "CONFIRM", - "url" : "http://advisories.mageia.org/MGASA-2014-0305.html" - }, - { - "name" : "https://support.apple.com/HT204659", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT204659" - }, - { - "name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246", - "refsource" : "CONFIRM", - "url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246" - }, - { - "name" : "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES", - "refsource" : "CONFIRM", - "url" : "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES" - }, - { - "name" : "https://puppet.com/security/cve/cve-2014-0118", - "refsource" : "CONFIRM", - "url" : "https://puppet.com/security/cve/cve-2014-0118" - }, - { - "name" : "APPLE-SA-2015-04-08-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" - }, - { - "name" : "DSA-2989", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2989" - }, - { - "name" : "GLSA-201504-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-03" - }, - { - "name" : "HPSBMU03380", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=143748090628601&w=2" - }, - { - "name" : "HPSBMU03409", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=144050155601375&w=2" - }, - { - "name" : "HPSBUX03337", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=143403519711434&w=2" - }, - { - "name" : "HPSBUX03512", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=144493176821532&w=2" - }, - { - "name" : "SSRT102066", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=143403519711434&w=2" - }, - { - "name" : "SSRT102254", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=144493176821532&w=2" - }, - { - "name" : "MDVSA-2014:142", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2014:142" - }, - { - "name" : "RHSA-2014:1019", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1019.html" - }, - { - "name" : "RHSA-2014:1020", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1020.html" - }, - { - "name" : "RHSA-2014:1021", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1021.html" - }, - { - "name" : "68745", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68745" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HPSBUX03512", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2" + }, + { + "name": "http://advisories.mageia.org/MGASA-2014-0305.html", + "refsource": "CONFIRM", + "url": "http://advisories.mageia.org/MGASA-2014-0305.html" + }, + { + "name": "DSA-2989", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2989" + }, + { + "name": "HPSBMU03409", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2" + }, + { + "name": "https://support.apple.com/HT204659", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT204659" + }, + { + "name": "http://httpd.apache.org/security/vulnerabilities_24.html", + "refsource": "CONFIRM", + "url": "http://httpd.apache.org/security/vulnerabilities_24.html" + }, + { + "name": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES" + }, + { + "name": "GLSA-201504-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-03" + }, + { + "name": "RHSA-2014:1020", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1020.html" + }, + { + "name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c" + }, + { + "name": "https://puppet.com/security/cve/cve-2014-0118", + "refsource": "CONFIRM", + "url": "https://puppet.com/security/cve/cve-2014-0118" + }, + { + "name": "HPSBMU03380", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=143748090628601&w=2" + }, + { + "name": "SSRT102066", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=143403519711434&w=2" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" + }, + { + "name": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h" + }, + { + "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246", + "refsource": "CONFIRM", + "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246" + }, + { + "name": "RHSA-2014:1021", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1021.html" + }, + { + "name": "SSRT102254", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2" + }, + { + "name": "68745", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68745" + }, + { + "name": "APPLE-SA-2015-04-08-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" + }, + { + "name": "MDVSA-2014:142", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:142" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1120601", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120601" + }, + { + "name": "RHSA-2014:1019", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1019.html" + }, + { + "name": "http://advisories.mageia.org/MGASA-2014-0304.html", + "refsource": "CONFIRM", + "url": "http://advisories.mageia.org/MGASA-2014-0304.html" + }, + { + "name": "HPSBUX03337", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=143403519711434&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0815.json b/2014/0xxx/CVE-2014-0815.json index 87921aaeec4..a813227b94d 100644 --- a/2014/0xxx/CVE-2014-0815.json +++ b/2014/0xxx/CVE-2014-0815.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0815", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated by reading stored cookies." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2014-0815", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blogs.opera.com/security/2014/01/security-changes-features-opera-19/", - "refsource" : "CONFIRM", - "url" : "http://blogs.opera.com/security/2014/01/security-changes-features-opera-19/" - }, - { - "name" : "JVN#23256725", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN23256725/index.html" - }, - { - "name" : "JVNDB-2014-000014", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000014" - }, - { - "name" : "65391", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65391" - }, - { - "name" : "opera-android-cve20140815-info-disc(91090)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91090" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated by reading stored cookies." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "opera-android-cve20140815-info-disc(91090)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91090" + }, + { + "name": "JVNDB-2014-000014", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000014" + }, + { + "name": "65391", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65391" + }, + { + "name": "http://blogs.opera.com/security/2014/01/security-changes-features-opera-19/", + "refsource": "CONFIRM", + "url": "http://blogs.opera.com/security/2014/01/security-changes-features-opera-19/" + }, + { + "name": "JVN#23256725", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN23256725/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1465.json b/2014/1xxx/CVE-2014-1465.json index 1c3f4482b9e..6a474d8e88c 100644 --- a/2014/1xxx/CVE-2014-1465.json +++ b/2014/1xxx/CVE-2014-1465.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1465", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1465", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1526.json b/2014/1xxx/CVE-2014-1526.json index 51f73b472d2..4d49e72badb 100644 --- a/2014/1xxx/CVE-2014-1526.json +++ b/2014/1xxx/CVE-2014-1526.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1526", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2014-1526", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-47.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-47.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=988106", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=988106" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "FEDORA-2014-5829", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html" - }, - { - "name" : "GLSA-201504-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-01" - }, - { - "name" : "openSUSE-SU-2014:0599", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html" - }, - { - "name" : "openSUSE-SU-2014:0629", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html" - }, - { - "name" : "USN-2185-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2185-1" - }, - { - "name" : "1030163", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030163" - }, - { - "name" : "1030164", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030164" - }, - { - "name" : "59866", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59866" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2014:0599", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00010.html" + }, + { + "name": "openSUSE-SU-2014:0629", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00033.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-47.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-47.html" + }, + { + "name": "GLSA-201504-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-01" + }, + { + "name": "59866", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59866" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=988106", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=988106" + }, + { + "name": "USN-2185-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2185-1" + }, + { + "name": "1030164", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030164" + }, + { + "name": "1030163", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030163" + }, + { + "name": "FEDORA-2014-5829", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132437.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1563.json b/2014/1xxx/CVE-2014-1563.json index 68a2344e316..0b8d6855736 100644 --- a/2014/1xxx/CVE-2014-1563.json +++ b/2014/1xxx/CVE-2014-1563.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1563", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2014-1563", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-68.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-68.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1018524", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1018524" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "GLSA-201504-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-01" - }, - { - "name" : "openSUSE-SU-2014:1098", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html" - }, - { - "name" : "openSUSE-SU-2014:1099", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-09/msg00011.html" - }, - { - "name" : "openSUSE-SU-2015:0138", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html" - }, - { - "name" : "openSUSE-SU-2015:1266", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html" - }, - { - "name" : "69523", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69523" - }, - { - "name" : "1030793", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030793" - }, - { - "name" : "1030794", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030794" - }, - { - "name" : "60148", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60148" - }, - { - "name" : "61114", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61114" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:0138", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html" + }, + { + "name": "GLSA-201504-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-01" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "1030794", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030794" + }, + { + "name": "69523", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69523" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1018524", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1018524" + }, + { + "name": "openSUSE-SU-2015:1266", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html" + }, + { + "name": "openSUSE-SU-2014:1098", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00003.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-68.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-68.html" + }, + { + "name": "60148", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60148" + }, + { + "name": "openSUSE-SU-2014:1099", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00011.html" + }, + { + "name": "61114", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61114" + }, + { + "name": "1030793", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030793" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1700.json b/2014/1xxx/CVE-2014-1700.json index 0b251b73049..b2516d4be42 100644 --- a/2014/1xxx/CVE-2014-1700.json +++ b/2014/1xxx/CVE-2014-1700.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1700", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in modules/speech/SpeechSynthesis.cpp in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of a certain utterance data structure." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2014-1700", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_11.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_11.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=344881", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=344881" - }, - { - "name" : "https://src.chromium.org/viewvc/blink?revision=168171&view=revision", - "refsource" : "CONFIRM", - "url" : "https://src.chromium.org/viewvc/blink?revision=168171&view=revision" - }, - { - "name" : "DSA-2883", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2883" - }, - { - "name" : "GLSA-201408-16", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml" - }, - { - "name" : "openSUSE-SU-2014:0501", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00008.html" - }, - { - "name" : "1029914", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029914" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in modules/speech/SpeechSynthesis.cpp in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of a certain utterance data structure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-2883", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2883" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=344881", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=344881" + }, + { + "name": "http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_11.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_11.html" + }, + { + "name": "GLSA-201408-16", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml" + }, + { + "name": "1029914", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029914" + }, + { + "name": "openSUSE-SU-2014:0501", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00008.html" + }, + { + "name": "https://src.chromium.org/viewvc/blink?revision=168171&view=revision", + "refsource": "CONFIRM", + "url": "https://src.chromium.org/viewvc/blink?revision=168171&view=revision" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1763.json b/2014/1xxx/CVE-2014-1763.json index 9cd1bb6c4b5..aa1dd626577 100644 --- a/2014/1xxx/CVE-2014-1763.json +++ b/2014/1xxx/CVE-2014-1763.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1763", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-1763", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140716 VUPEN Security Research - Microsoft Internet Explorer CSS @import Memory Corruption (Pwn2Own 2014)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/532797/100/0/threaded" - }, - { - "name" : "http://twitter.com/thezdi/statuses/443855973673754624", - "refsource" : "MISC", - "url" : "http://twitter.com/thezdi/statuses/443855973673754624" - }, - { - "name" : "http://www.pwn2own.com/2014/03/pwn2own-results-for-wednesday-day-one/", - "refsource" : "MISC", - "url" : "http://www.pwn2own.com/2014/03/pwn2own-results-for-wednesday-day-one/" - }, - { - "name" : "MS14-037", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-037" - }, - { - "name" : "1030532", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030532" - }, - { - "name" : "59775", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59775" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS14-037", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-037" + }, + { + "name": "http://www.pwn2own.com/2014/03/pwn2own-results-for-wednesday-day-one/", + "refsource": "MISC", + "url": "http://www.pwn2own.com/2014/03/pwn2own-results-for-wednesday-day-one/" + }, + { + "name": "20140716 VUPEN Security Research - Microsoft Internet Explorer CSS @import Memory Corruption (Pwn2Own 2014)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/532797/100/0/threaded" + }, + { + "name": "59775", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59775" + }, + { + "name": "http://twitter.com/thezdi/statuses/443855973673754624", + "refsource": "MISC", + "url": "http://twitter.com/thezdi/statuses/443855973673754624" + }, + { + "name": "1030532", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030532" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5116.json b/2014/5xxx/CVE-2014-5116.json index 55d7b801552..c85c0b441f2 100644 --- a/2014/5xxx/CVE-2014-5116.json +++ b/2014/5xxx/CVE-2014-5116.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5116", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a large string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5116", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "33384", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/33384" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9761", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9761" - }, - { - "name" : "107083", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/107083" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a large string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33384", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/33384" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9761", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9761" + }, + { + "name": "107083", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/107083" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5265.json b/2014/5xxx/CVE-2014-5265.json index d820c221239..e747731c83e 100644 --- a/2014/5xxx/CVE-2014-5265.json +++ b/2014/5xxx/CVE-2014-5265.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5265", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5265", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://cgit.drupalcode.org/drupal/diff/includes/xmlrpc.inc?id=1849830", - "refsource" : "CONFIRM", - "url" : "http://cgit.drupalcode.org/drupal/diff/includes/xmlrpc.inc?id=1849830" - }, - { - "name" : "https://core.trac.wordpress.org/changeset/29404", - "refsource" : "CONFIRM", - "url" : "https://core.trac.wordpress.org/changeset/29404" - }, - { - "name" : "https://wordpress.org/news/2014/08/wordpress-3-9-2/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/news/2014/08/wordpress-3-9-2/" - }, - { - "name" : "https://www.drupal.org/SA-CORE-2014-004", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/SA-CORE-2014-004" - }, - { - "name" : "DSA-2999", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2999" - }, - { - "name" : "DSA-3001", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-3001" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3001", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-3001" + }, + { + "name": "https://wordpress.org/news/2014/08/wordpress-3-9-2/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/news/2014/08/wordpress-3-9-2/" + }, + { + "name": "https://www.drupal.org/SA-CORE-2014-004", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/SA-CORE-2014-004" + }, + { + "name": "http://cgit.drupalcode.org/drupal/diff/includes/xmlrpc.inc?id=1849830", + "refsource": "CONFIRM", + "url": "http://cgit.drupalcode.org/drupal/diff/includes/xmlrpc.inc?id=1849830" + }, + { + "name": "DSA-2999", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2999" + }, + { + "name": "https://core.trac.wordpress.org/changeset/29404", + "refsource": "CONFIRM", + "url": "https://core.trac.wordpress.org/changeset/29404" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5903.json b/2014/5xxx/CVE-2014-5903.json index 46a6abef185..e79376efef0 100644 --- a/2014/5xxx/CVE-2014-5903.json +++ b/2014/5xxx/CVE-2014-5903.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5903", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Mobile@Work (aka com.mobileiron) application 6.0.0.1.12R for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5903", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#823529", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/823529" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Mobile@Work (aka com.mobileiron) application 6.0.0.1.12R for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#823529", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/823529" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2084.json b/2015/2xxx/CVE-2015-2084.json index c23b7e3afce..fbcaa64a85c 100644 --- a/2015/2xxx/CVE-2015-2084.json +++ b/2015/2xxx/CVE-2015-2084.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2084", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin before 1.2.3 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the image_file parameter in an edit action in the cnss_social_icon_add page to wp-admin/admin.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2084", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "36161", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/36161" - }, - { - "name" : "20150221 Easy Social Icons WordPress plugin v1.2.2 Persistent XSS and CSRF", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Feb/76" - }, - { - "name" : "http://packetstormsecurity.com/files/130461/WordPress-Easy-Social-Icons-1.2.2-CSRF-XSS.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/130461/WordPress-Easy-Social-Icons-1.2.2-CSRF-XSS.html" - }, - { - "name" : "https://wordpress.org/plugins/easy-social-icons/changelog/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/plugins/easy-social-icons/changelog/" - }, - { - "name" : "74893", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74893" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin before 1.2.3 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the image_file parameter in an edit action in the cnss_social_icon_add page to wp-admin/admin.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150221 Easy Social Icons WordPress plugin v1.2.2 Persistent XSS and CSRF", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Feb/76" + }, + { + "name": "http://packetstormsecurity.com/files/130461/WordPress-Easy-Social-Icons-1.2.2-CSRF-XSS.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/130461/WordPress-Easy-Social-Icons-1.2.2-CSRF-XSS.html" + }, + { + "name": "36161", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/36161" + }, + { + "name": "https://wordpress.org/plugins/easy-social-icons/changelog/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/plugins/easy-social-icons/changelog/" + }, + { + "name": "74893", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74893" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2404.json b/2015/2xxx/CVE-2015-2404.json index ce0bcd04665..75982f1855e 100644 --- a/2015/2xxx/CVE-2015-2404.json +++ b/2015/2xxx/CVE-2015-2404.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2404", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2385, CVE-2015-2390, CVE-2015-2397, CVE-2015-2406, and CVE-2015-2422." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2404", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-065", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" - }, - { - "name" : "1032894", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032894" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2385, CVE-2015-2390, CVE-2015-2397, CVE-2015-2406, and CVE-2015-2422." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032894", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032894" + }, + { + "name": "MS15-065", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2731.json b/2015/2xxx/CVE-2015-2731.json index 704b1f7af53..df1eeb164b0 100644 --- a/2015/2xxx/CVE-2015-2731.json +++ b/2015/2xxx/CVE-2015-2731.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2731", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging client-side JavaScript that triggers removal of a DOM object on the basis of a Content Policy." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-2731", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-63.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-63.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1149891", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1149891" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" - }, - { - "name" : "DSA-3300", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3300" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "RHSA-2015:1455", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1455.html" - }, - { - "name" : "RHSA-2015:1207", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1207.html" - }, - { - "name" : "openSUSE-SU-2015:1229", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html" - }, - { - "name" : "USN-2656-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2656-1" - }, - { - "name" : "USN-2656-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2656-2" - }, - { - "name" : "75541", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75541" - }, - { - "name" : "1032783", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032783" - }, - { - "name" : "1032784", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032784" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows remote attackers to execute arbitrary code by leveraging client-side JavaScript that triggers removal of a DOM object on the basis of a Content Policy." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:1229", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html" + }, + { + "name": "RHSA-2015:1455", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1455.html" + }, + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "75541", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75541" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-63.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-63.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1149891", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1149891" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "1032784", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032784" + }, + { + "name": "RHSA-2015:1207", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1207.html" + }, + { + "name": "USN-2656-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2656-1" + }, + { + "name": "1032783", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032783" + }, + { + "name": "DSA-3300", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3300" + }, + { + "name": "USN-2656-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2656-2" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2985.json b/2015/2xxx/CVE-2015-2985.json index d72aa0f9b35..dab440fdfed 100644 --- a/2015/2xxx/CVE-2015-2985.json +++ b/2015/2xxx/CVE-2015-2985.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2985", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in guide-park.com BBS X102 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-2985", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "JVN#13684924", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN13684924/index.html" - }, - { - "name" : "JVNDB-2015-000301", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000301" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in guide-park.com BBS X102 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#13684924", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN13684924/index.html" + }, + { + "name": "JVNDB-2015-000301", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000301" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10153.json b/2016/10xxx/CVE-2016-10153.json index e3208b0f279..7469d70dc3f 100644 --- a/2016/10xxx/CVE-2016-10153.json +++ b/2016/10xxx/CVE-2016-10153.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10153", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The crypto scatterlist API in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging reliance on earlier net/ceph/crypto.c code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10153", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20170120 Re: CVE REQUEST: linux kernel: process with pgid zero able to crash kernel", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2017/01/21/3" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a45f795c65b479b4ba107b6ccde29b896d51ee98", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a45f795c65b479b4ba107b6ccde29b896d51ee98" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.6", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.6" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1416101", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1416101" - }, - { - "name" : "https://github.com/torvalds/linux/commit/a45f795c65b479b4ba107b6ccde29b896d51ee98", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/a45f795c65b479b4ba107b6ccde29b896d51ee98" - }, - { - "name" : "95713", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95713" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The crypto scatterlist API in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging reliance on earlier net/ceph/crypto.c code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20170120 Re: CVE REQUEST: linux kernel: process with pgid zero able to crash kernel", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2017/01/21/3" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.6", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.6" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a45f795c65b479b4ba107b6ccde29b896d51ee98", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a45f795c65b479b4ba107b6ccde29b896d51ee98" + }, + { + "name": "95713", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95713" + }, + { + "name": "https://github.com/torvalds/linux/commit/a45f795c65b479b4ba107b6ccde29b896d51ee98", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/a45f795c65b479b4ba107b6ccde29b896d51ee98" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1416101", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416101" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10378.json b/2016/10xxx/CVE-2016-10378.json index da74b7a2ebe..2bca9c51c50 100644 --- a/2016/10xxx/CVE-2016-10378.json +++ b/2016/10xxx/CVE-2016-10378.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10378", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "e107 2.1.1 allows SQL injection by remote authenticated administrators via the pagelist parameter to e107_admin/menus.php, related to the menuSaveVisibility function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10378", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code610.blogspot.com/2016/09/sql-injection-in-latest-e107-cms.html", - "refsource" : "MISC", - "url" : "http://code610.blogspot.com/2016/09/sql-injection-in-latest-e107-cms.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "e107 2.1.1 allows SQL injection by remote authenticated administrators via the pagelist parameter to e107_admin/menus.php, related to the menuSaveVisibility function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://code610.blogspot.com/2016/09/sql-injection-in-latest-e107-cms.html", + "refsource": "MISC", + "url": "http://code610.blogspot.com/2016/09/sql-injection-in-latest-e107-cms.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10644.json b/2016/10xxx/CVE-2016-10644.json index fc767688d25..89c7cca6b89 100644 --- a/2016/10xxx/CVE-2016-10644.json +++ b/2016/10xxx/CVE-2016-10644.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10644", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "slimerjs-edge node module", - "version" : { - "version_data" : [ - { - "version_value" : "All versions" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "slimerjs-edge is a npm wrapper for installing the bleeding edge version of slimerjs. slimerjs-edge downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Encryption of Sensitive Data (CWE-311)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10644", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "slimerjs-edge node module", + "version": { + "version_data": [ + { + "version_value": "All versions" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nodesecurity.io/advisories/243", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/243" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "slimerjs-edge is a npm wrapper for installing the bleeding edge version of slimerjs. slimerjs-edge downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Encryption of Sensitive Data (CWE-311)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/243", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/243" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4451.json b/2016/4xxx/CVE-2016-4451.json index dd7c6e1187e..37b9f7c5424 100644 --- a/2016/4xxx/CVE-2016-4451.json +++ b/2016/4xxx/CVE-2016-4451.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4451", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) Organization and (2) Locations APIs in Foreman before 1.11.3 and 1.12.x before 1.12.0-RC1 allow remote authenticated users with unlimited filters to bypass organization and location restrictions and read or modify data for an arbitrary organization by leveraging knowledge of the id of that organization." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-4451", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://projects.theforeman.org/issues/15182", - "refsource" : "CONFIRM", - "url" : "http://projects.theforeman.org/issues/15182" - }, - { - "name" : "http://projects.theforeman.org/projects/foreman/repository/revisions/1144040f444b4bf4aae81940a150b26b23b4623c", - "refsource" : "CONFIRM", - "url" : "http://projects.theforeman.org/projects/foreman/repository/revisions/1144040f444b4bf4aae81940a150b26b23b4623c" - }, - { - "name" : "https://theforeman.org/security.html#2016-4451", - "refsource" : "CONFIRM", - "url" : "https://theforeman.org/security.html#2016-4451" - }, - { - "name" : "RHSA-2018:0336", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0336" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) Organization and (2) Locations APIs in Foreman before 1.11.3 and 1.12.x before 1.12.0-RC1 allow remote authenticated users with unlimited filters to bypass organization and location restrictions and read or modify data for an arbitrary organization by leveraging knowledge of the id of that organization." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2018:0336", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0336" + }, + { + "name": "https://theforeman.org/security.html#2016-4451", + "refsource": "CONFIRM", + "url": "https://theforeman.org/security.html#2016-4451" + }, + { + "name": "http://projects.theforeman.org/projects/foreman/repository/revisions/1144040f444b4bf4aae81940a150b26b23b4623c", + "refsource": "CONFIRM", + "url": "http://projects.theforeman.org/projects/foreman/repository/revisions/1144040f444b4bf4aae81940a150b26b23b4623c" + }, + { + "name": "http://projects.theforeman.org/issues/15182", + "refsource": "CONFIRM", + "url": "http://projects.theforeman.org/issues/15182" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4731.json b/2016/4xxx/CVE-2016-4731.json index 7f19b409487..4ef0a65f0bc 100644 --- a/2016/4xxx/CVE-2016-4731.json +++ b/2016/4xxx/CVE-2016-4731.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4731", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit in Apple iOS before 10 and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4729." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4731", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207143", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207143" - }, - { - "name" : "https://support.apple.com/HT207157", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207157" - }, - { - "name" : "APPLE-SA-2016-09-20-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html" - }, - { - "name" : "APPLE-SA-2016-09-20-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" - }, - { - "name" : "93053", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93053" - }, - { - "name" : "1036854", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036854" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit in Apple iOS before 10 and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4729." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-09-20-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" + }, + { + "name": "https://support.apple.com/HT207157", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207157" + }, + { + "name": "93053", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93053" + }, + { + "name": "1036854", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036854" + }, + { + "name": "https://support.apple.com/HT207143", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207143" + }, + { + "name": "APPLE-SA-2016-09-20-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8002.json b/2016/8xxx/CVE-2016-8002.json index ad4428ff1d2..eaaccb12c6b 100644 --- a/2016/8xxx/CVE-2016-8002.json +++ b/2016/8xxx/CVE-2016-8002.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8002", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8002", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8118.json b/2016/8xxx/CVE-2016-8118.json index a01498f2400..b3c536de428 100644 --- a/2016/8xxx/CVE-2016-8118.json +++ b/2016/8xxx/CVE-2016-8118.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8118", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8118", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8336.json b/2016/8xxx/CVE-2016-8336.json index 42ccf43e4bb..c1960a43d33 100644 --- a/2016/8xxx/CVE-2016-8336.json +++ b/2016/8xxx/CVE-2016-8336.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8336", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8336", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8919.json b/2016/8xxx/CVE-2016-8919.json index d7610e50cc3..cc0d38a1c43 100644 --- a/2016/8xxx/CVE-2016-8919.json +++ b/2016/8xxx/CVE-2016-8919.json @@ -1,690 +1,690 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-8919", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "WebSphere Application Server", - "version" : { - "version_data" : [ - { - "version_value" : "1.0.0.1" - }, - { - "version_value" : "1.0.1" - }, - { - "version_value" : "1.0.1.1" - }, - { - "version_value" : "1.0.1.2" - }, - { - "version_value" : "1.1" - }, - { - "version_value" : "1.1.0.1" - }, - { - "version_value" : "1.1.0.2" - }, - { - "version_value" : "2.0" - }, - { - "version_value" : "2.0" - }, - { - "version_value" : "3.0" - }, - { - "version_value" : "3.0.2" - }, - { - "version_value" : "3.0.2.1" - }, - { - "version_value" : "3.0.2.2" - }, - { - "version_value" : "3.0.2.3" - }, - { - "version_value" : "3.0.2.4" - }, - { - "version_value" : "3.5" - }, - { - "version_value" : "3.5.1" - }, - { - "version_value" : "3.5.2" - }, - { - "version_value" : "3.5.3" - }, - { - "version_value" : "3.52" - }, - { - "version_value" : "4.0.1" - }, - { - "version_value" : "4.0.2" - }, - { - "version_value" : "4.0.3" - }, - { - "version_value" : "4.0.4" - }, - { - "version_value" : "5.0" - }, - { - "version_value" : "5.0.0" - }, - { - "version_value" : "5.0.1" - }, - { - "version_value" : "5.0.2" - }, - { - "version_value" : "5.0.2.1" - }, - { - "version_value" : "5.0.2.10" - }, - { - "version_value" : "5.0.2.11" - }, - { - "version_value" : "5.0.2.12" - }, - { - "version_value" : "5.0.2.13" - }, - { - "version_value" : "5.0.2.14" - }, - { - "version_value" : "5.0.2.15" - }, - { - "version_value" : "5.0.2.16" - }, - { - "version_value" : "5.0.2.2" - }, - { - "version_value" : "5.0.2.3" - }, - { - "version_value" : "5.0.2.4" - }, - { - "version_value" : "5.0.2.5" - }, - { - "version_value" : "5.0.2.6" - }, - { - "version_value" : "5.0.2.7" - }, - { - "version_value" : "5.0.2.8" - }, - { - "version_value" : "5.0.2.9" - }, - { - "version_value" : "5.1" - }, - { - "version_value" : "5.1.0.2" - }, - { - "version_value" : "5.1.0.4" - }, - { - "version_value" : "5.1.0.5" - }, - { - "version_value" : "5.1.1" - }, - { - "version_value" : "5.1.1.1" - }, - { - "version_value" : "5.1.1.10" - }, - { - "version_value" : "5.1.1.11" - }, - { - "version_value" : "5.1.1.12" - }, - { - "version_value" : "5.1.1.13" - }, - { - "version_value" : "5.1.1.14" - }, - { - "version_value" : "5.1.1.15" - }, - { - "version_value" : "5.1.1.16" - }, - { - "version_value" : "5.1.1.17" - }, - { - "version_value" : "5.1.1.18" - }, - { - "version_value" : "5.1.1.2" - }, - { - "version_value" : "5.1.1.3" - }, - { - "version_value" : "5.1.1.4" - }, - { - "version_value" : "5.1.1.5" - }, - { - "version_value" : "5.1.1.6" - }, - { - "version_value" : "5.1.1.7" - }, - { - "version_value" : "5.1.1.8" - }, - { - "version_value" : "5.1.1.9" - }, - { - "version_value" : "5.3" - }, - { - "version_value" : "6.0" - }, - { - "version_value" : "6.0.0.1" - }, - { - "version_value" : "6.0.0.2" - }, - { - "version_value" : "6.0.0.3" - }, - { - "version_value" : "6.0.1" - }, - { - "version_value" : "6.0.1.1" - }, - { - "version_value" : "6.0.1.2" - }, - { - "version_value" : "6.0.2" - }, - { - "version_value" : "6.0.2.1" - }, - { - "version_value" : "6.0.2.11" - }, - { - "version_value" : "6.0.2.13" - }, - { - "version_value" : "6.0.2.15" - }, - { - "version_value" : "6.0.2.17" - }, - { - "version_value" : "6.0.2.19" - }, - { - "version_value" : "6.0.2.2" - }, - { - "version_value" : "6.0.2.21" - }, - { - "version_value" : "6.0.2.22" - }, - { - "version_value" : "6.0.2.23" - }, - { - "version_value" : "6.0.2.24" - }, - { - "version_value" : "6.0.2.25" - }, - { - "version_value" : "6.0.2.3" - }, - { - "version_value" : "6.0.2.4" - }, - { - "version_value" : "6.0.2.5" - }, - { - "version_value" : "6.0.2.6" - }, - { - "version_value" : "6.0.2.7" - }, - { - "version_value" : "6.0.2.8" - }, - { - "version_value" : "6.0.2.9" - }, - { - "version_value" : "6.1" - }, - { - "version_value" : "6.1.0" - }, - { - "version_value" : "6.1.0.0" - }, - { - "version_value" : "6.1.0.1" - }, - { - "version_value" : "6.1.0.11" - }, - { - "version_value" : "6.1.0.12" - }, - { - "version_value" : "6.1.0.13" - }, - { - "version_value" : "6.1.0.15" - }, - { - "version_value" : "6.1.0.2" - }, - { - "version_value" : "6.1.0.3" - }, - { - "version_value" : "6.1.0.4" - }, - { - "version_value" : "6.1.0.5" - }, - { - "version_value" : "6.1.0.6" - }, - { - "version_value" : "6.1.0.7" - }, - { - "version_value" : "6.1.0.9" - }, - { - "version_value" : "6.1.1" - }, - { - "version_value" : "6.1.13" - }, - { - "version_value" : "6.1.14" - }, - { - "version_value" : "6.1.3" - }, - { - "version_value" : "6.1.5" - }, - { - "version_value" : "6.1.6" - }, - { - "version_value" : "6.1.7" - }, - { - "version_value" : "6.10.17" - }, - { - "version_value" : "1.0" - }, - { - "version_value" : "6.1W" - }, - { - "version_value" : "7.0" - }, - { - "version_value" : "6.1.0.17" - }, - { - "version_value" : "6.1.0.19" - }, - { - "version_value" : "6.1.0.21" - }, - { - "version_value" : "6.0.2.27" - }, - { - "version_value" : "6.0.2.29" - }, - { - "version_value" : "6.0.2.31" - }, - { - "version_value" : "5.1.0.1" - }, - { - "version_value" : "6.0.2.26" - }, - { - "version_value" : "6.0.2.28" - }, - { - "version_value" : "6.1.0.16" - }, - { - "version_value" : "6.1.0.18" - }, - { - "version_value" : "6.0.1.11" - }, - { - "version_value" : "6.0.1.13" - }, - { - "version_value" : "6.0.1.15" - }, - { - "version_value" : "6.0.1.17" - }, - { - "version_value" : "6.0.1.3" - }, - { - "version_value" : "6.0.1.5" - }, - { - "version_value" : "6.0.1.7" - }, - { - "version_value" : "6.0.1.9" - }, - { - "version_value" : "6.1.0.10" - }, - { - "version_value" : "6.1.0.14" - }, - { - "version_value" : "6.1.0.20" - }, - { - "version_value" : "6.1.0.22" - }, - { - "version_value" : "6.1.0.8" - }, - { - "version_value" : "6.0.2.30" - }, - { - "version_value" : "6.0.2.32" - }, - { - "version_value" : "2.1" - }, - { - "version_value" : "6.0.2.10" - }, - { - "version_value" : "6.0.2.12" - }, - { - "version_value" : "6.0.2.14" - }, - { - "version_value" : "6.0.2.16" - }, - { - "version_value" : "6.0.2.18" - }, - { - "version_value" : "6.0.2.20" - }, - { - "version_value" : "6.0.2.33" - }, - { - "version_value" : "6.0.2" - }, - { - "version_value" : "6.1.0.23" - }, - { - "version_value" : "7.0.0.1" - }, - { - "version_value" : "6.1.0.25" - }, - { - "version_value" : "6.1.0.27" - }, - { - "version_value" : "6.1.0.29" - }, - { - "version_value" : "6.0.2.35" - }, - { - "version_value" : "6.0.2.37" - }, - { - "version_value" : "6.0.2.39" - }, - { - "version_value" : "6.1.0.26" - }, - { - "version_value" : "6.1.0.24" - }, - { - "version_value" : "7.0.0.9" - }, - { - "version_value" : "7.0.0.5" - }, - { - "version_value" : "7.0.0.7" - }, - { - "version_value" : "7.0.0.3" - }, - { - "version_value" : "7.0.0.11" - }, - { - "version_value" : "7.0.0.13" - }, - { - "version_value" : "8.0" - }, - { - "version_value" : "8.0.0.0" - }, - { - "version_value" : "3.0" - }, - { - "version_value" : "3.0.21" - }, - { - "version_value" : "5.1.0.3" - }, - { - "version_value" : "6.1.0.31" - }, - { - "version_value" : "6.1.0.33" - }, - { - "version_value" : "6.1.0.35" - }, - { - "version_value" : "6.1.0.37" - }, - { - "version_value" : "6.1.0.39" - }, - { - "version_value" : "6.1.0.41" - }, - { - "version_value" : "7.0.0.15" - }, - { - "version_value" : "7.0.0.17" - }, - { - "version_value" : "7.0.0.19" - }, - { - "version_value" : "7.0.0.2" - }, - { - "version_value" : "7.0.0.21" - }, - { - "version_value" : "7.0.0.23" - }, - { - "version_value" : "7.0.0.4" - }, - { - "version_value" : "7.0.0.6" - }, - { - "version_value" : "7.0.0.8" - }, - { - "version_value" : "7.1" - }, - { - "version_value" : "7.2" - }, - { - "version_value" : "8.0.0.1" - }, - { - "version_value" : "8.5" - }, - { - "version_value" : "8.5.5" - }, - { - "version_value" : "3.0.0.3" - }, - { - "version_value" : "3.0.0.4" - }, - { - "version_value" : "8.0.0" - }, - { - "version_value" : "7.0.0" - }, - { - "version_value" : "8.5" - }, - { - "version_value" : "9.0.0.0" - }, - { - "version_value" : "Not" - }, - { - "version_value" : "Applicable" - }, - { - "version_value" : "" - }, - { - "version_value" : "9.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere Application Server may be vulnerable to a denial of service, caused by allowing serialized objects from untrusted sources to run and cause the consumption of resources." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-8919", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "WebSphere Application Server", + "version": { + "version_data": [ + { + "version_value": "1.0.0.1" + }, + { + "version_value": "1.0.1" + }, + { + "version_value": "1.0.1.1" + }, + { + "version_value": "1.0.1.2" + }, + { + "version_value": "1.1" + }, + { + "version_value": "1.1.0.1" + }, + { + "version_value": "1.1.0.2" + }, + { + "version_value": "2.0" + }, + { + "version_value": "2.0" + }, + { + "version_value": "3.0" + }, + { + "version_value": "3.0.2" + }, + { + "version_value": "3.0.2.1" + }, + { + "version_value": "3.0.2.2" + }, + { + "version_value": "3.0.2.3" + }, + { + "version_value": "3.0.2.4" + }, + { + "version_value": "3.5" + }, + { + "version_value": "3.5.1" + }, + { + "version_value": "3.5.2" + }, + { + "version_value": "3.5.3" + }, + { + "version_value": "3.52" + }, + { + "version_value": "4.0.1" + }, + { + "version_value": "4.0.2" + }, + { + "version_value": "4.0.3" + }, + { + "version_value": "4.0.4" + }, + { + "version_value": "5.0" + }, + { + "version_value": "5.0.0" + }, + { + "version_value": "5.0.1" + }, + { + "version_value": "5.0.2" + }, + { + "version_value": "5.0.2.1" + }, + { + "version_value": "5.0.2.10" + }, + { + "version_value": "5.0.2.11" + }, + { + "version_value": "5.0.2.12" + }, + { + "version_value": "5.0.2.13" + }, + { + "version_value": "5.0.2.14" + }, + { + "version_value": "5.0.2.15" + }, + { + "version_value": "5.0.2.16" + }, + { + "version_value": "5.0.2.2" + }, + { + "version_value": "5.0.2.3" + }, + { + "version_value": "5.0.2.4" + }, + { + "version_value": "5.0.2.5" + }, + { + "version_value": "5.0.2.6" + }, + { + "version_value": "5.0.2.7" + }, + { + "version_value": "5.0.2.8" + }, + { + "version_value": "5.0.2.9" + }, + { + "version_value": "5.1" + }, + { + "version_value": "5.1.0.2" + }, + { + "version_value": "5.1.0.4" + }, + { + "version_value": "5.1.0.5" + }, + { + "version_value": "5.1.1" + }, + { + "version_value": "5.1.1.1" + }, + { + "version_value": "5.1.1.10" + }, + { + "version_value": "5.1.1.11" + }, + { + "version_value": "5.1.1.12" + }, + { + "version_value": "5.1.1.13" + }, + { + "version_value": "5.1.1.14" + }, + { + "version_value": "5.1.1.15" + }, + { + "version_value": "5.1.1.16" + }, + { + "version_value": "5.1.1.17" + }, + { + "version_value": "5.1.1.18" + }, + { + "version_value": "5.1.1.2" + }, + { + "version_value": "5.1.1.3" + }, + { + "version_value": "5.1.1.4" + }, + { + "version_value": "5.1.1.5" + }, + { + "version_value": "5.1.1.6" + }, + { + "version_value": "5.1.1.7" + }, + { + "version_value": "5.1.1.8" + }, + { + "version_value": "5.1.1.9" + }, + { + "version_value": "5.3" + }, + { + "version_value": "6.0" + }, + { + "version_value": "6.0.0.1" + }, + { + "version_value": "6.0.0.2" + }, + { + "version_value": "6.0.0.3" + }, + { + "version_value": "6.0.1" + }, + { + "version_value": "6.0.1.1" + }, + { + "version_value": "6.0.1.2" + }, + { + "version_value": "6.0.2" + }, + { + "version_value": "6.0.2.1" + }, + { + "version_value": "6.0.2.11" + }, + { + "version_value": "6.0.2.13" + }, + { + "version_value": "6.0.2.15" + }, + { + "version_value": "6.0.2.17" + }, + { + "version_value": "6.0.2.19" + }, + { + "version_value": "6.0.2.2" + }, + { + "version_value": "6.0.2.21" + }, + { + "version_value": "6.0.2.22" + }, + { + "version_value": "6.0.2.23" + }, + { + "version_value": "6.0.2.24" + }, + { + "version_value": "6.0.2.25" + }, + { + "version_value": "6.0.2.3" + }, + { + "version_value": "6.0.2.4" + }, + { + "version_value": "6.0.2.5" + }, + { + "version_value": "6.0.2.6" + }, + { + "version_value": "6.0.2.7" + }, + { + "version_value": "6.0.2.8" + }, + { + "version_value": "6.0.2.9" + }, + { + "version_value": "6.1" + }, + { + "version_value": "6.1.0" + }, + { + "version_value": "6.1.0.0" + }, + { + "version_value": "6.1.0.1" + }, + { + "version_value": "6.1.0.11" + }, + { + "version_value": "6.1.0.12" + }, + { + "version_value": "6.1.0.13" + }, + { + "version_value": "6.1.0.15" + }, + { + "version_value": "6.1.0.2" + }, + { + "version_value": "6.1.0.3" + }, + { + "version_value": "6.1.0.4" + }, + { + "version_value": "6.1.0.5" + }, + { + "version_value": "6.1.0.6" + }, + { + "version_value": "6.1.0.7" + }, + { + "version_value": "6.1.0.9" + }, + { + "version_value": "6.1.1" + }, + { + "version_value": "6.1.13" + }, + { + "version_value": "6.1.14" + }, + { + "version_value": "6.1.3" + }, + { + "version_value": "6.1.5" + }, + { + "version_value": "6.1.6" + }, + { + "version_value": "6.1.7" + }, + { + "version_value": "6.10.17" + }, + { + "version_value": "1.0" + }, + { + "version_value": "6.1W" + }, + { + "version_value": "7.0" + }, + { + "version_value": "6.1.0.17" + }, + { + "version_value": "6.1.0.19" + }, + { + "version_value": "6.1.0.21" + }, + { + "version_value": "6.0.2.27" + }, + { + "version_value": "6.0.2.29" + }, + { + "version_value": "6.0.2.31" + }, + { + "version_value": "5.1.0.1" + }, + { + "version_value": "6.0.2.26" + }, + { + "version_value": "6.0.2.28" + }, + { + "version_value": "6.1.0.16" + }, + { + "version_value": "6.1.0.18" + }, + { + "version_value": "6.0.1.11" + }, + { + "version_value": "6.0.1.13" + }, + { + "version_value": "6.0.1.15" + }, + { + "version_value": "6.0.1.17" + }, + { + "version_value": "6.0.1.3" + }, + { + "version_value": "6.0.1.5" + }, + { + "version_value": "6.0.1.7" + }, + { + "version_value": "6.0.1.9" + }, + { + "version_value": "6.1.0.10" + }, + { + "version_value": "6.1.0.14" + }, + { + "version_value": "6.1.0.20" + }, + { + "version_value": "6.1.0.22" + }, + { + "version_value": "6.1.0.8" + }, + { + "version_value": "6.0.2.30" + }, + { + "version_value": "6.0.2.32" + }, + { + "version_value": "2.1" + }, + { + "version_value": "6.0.2.10" + }, + { + "version_value": "6.0.2.12" + }, + { + "version_value": "6.0.2.14" + }, + { + "version_value": "6.0.2.16" + }, + { + "version_value": "6.0.2.18" + }, + { + "version_value": "6.0.2.20" + }, + { + "version_value": "6.0.2.33" + }, + { + "version_value": "6.0.2" + }, + { + "version_value": "6.1.0.23" + }, + { + "version_value": "7.0.0.1" + }, + { + "version_value": "6.1.0.25" + }, + { + "version_value": "6.1.0.27" + }, + { + "version_value": "6.1.0.29" + }, + { + "version_value": "6.0.2.35" + }, + { + "version_value": "6.0.2.37" + }, + { + "version_value": "6.0.2.39" + }, + { + "version_value": "6.1.0.26" + }, + { + "version_value": "6.1.0.24" + }, + { + "version_value": "7.0.0.9" + }, + { + "version_value": "7.0.0.5" + }, + { + "version_value": "7.0.0.7" + }, + { + "version_value": "7.0.0.3" + }, + { + "version_value": "7.0.0.11" + }, + { + "version_value": "7.0.0.13" + }, + { + "version_value": "8.0" + }, + { + "version_value": "8.0.0.0" + }, + { + "version_value": "3.0" + }, + { + "version_value": "3.0.21" + }, + { + "version_value": "5.1.0.3" + }, + { + "version_value": "6.1.0.31" + }, + { + "version_value": "6.1.0.33" + }, + { + "version_value": "6.1.0.35" + }, + { + "version_value": "6.1.0.37" + }, + { + "version_value": "6.1.0.39" + }, + { + "version_value": "6.1.0.41" + }, + { + "version_value": "7.0.0.15" + }, + { + "version_value": "7.0.0.17" + }, + { + "version_value": "7.0.0.19" + }, + { + "version_value": "7.0.0.2" + }, + { + "version_value": "7.0.0.21" + }, + { + "version_value": "7.0.0.23" + }, + { + "version_value": "7.0.0.4" + }, + { + "version_value": "7.0.0.6" + }, + { + "version_value": "7.0.0.8" + }, + { + "version_value": "7.1" + }, + { + "version_value": "7.2" + }, + { + "version_value": "8.0.0.1" + }, + { + "version_value": "8.5" + }, + { + "version_value": "8.5.5" + }, + { + "version_value": "3.0.0.3" + }, + { + "version_value": "3.0.0.4" + }, + { + "version_value": "8.0.0" + }, + { + "version_value": "7.0.0" + }, + { + "version_value": "8.5" + }, + { + "version_value": "9.0.0.0" + }, + { + "version_value": "Not" + }, + { + "version_value": "Applicable" + }, + { + "version_value": "" + }, + { + "version_value": "9.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21993797", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21993797" - }, - { - "name" : "95650", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95650" - }, - { - "name" : "1037710", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037710" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere Application Server may be vulnerable to a denial of service, caused by allowing serialized objects from untrusted sources to run and cause the consumption of resources." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95650", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95650" + }, + { + "name": "1037710", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037710" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21993797", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21993797" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9254.json b/2016/9xxx/CVE-2016-9254.json index db39cfbc1e4..ca3a7ef5d9e 100644 --- a/2016/9xxx/CVE-2016-9254.json +++ b/2016/9xxx/CVE-2016-9254.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9254", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9254", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9305.json b/2016/9xxx/CVE-2016-9305.json index d17bedef958..d31129baa88 100644 --- a/2016/9xxx/CVE-2016-9305.json +++ b/2016/9xxx/CVE-2016-9305.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9305", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9305", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01", - "refsource" : "CONFIRM", - "url" : "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01" - }, - { - "name" : "95803", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95803" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01", + "refsource": "CONFIRM", + "url": "http://www.autodesk.com/trust/security-advisories/adsk-sa-2016-01" + }, + { + "name": "95803", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95803" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9345.json b/2016/9xxx/CVE-2016-9345.json index 8b8adb45482..5bba9442520 100644 --- a/2016/9xxx/CVE-2016-9345.json +++ b/2016/9xxx/CVE-2016-9345.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "ics-cert@hq.dhs.gov", - "ID" : "CVE-2016-9345", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Emerson DeltaV Easy Security Management through 13.3", - "version" : { - "version_data" : [ - { - "version_value" : "Emerson DeltaV Easy Security Management through 13.3" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Emerson DeltaV Easy Security Management DeltaV V12.3, DeltaV V12.3.1, and DeltaV V13.3. Critical vulnerabilities may allow a local attacker to elevate privileges within the DeltaV control system." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Emerson DeltaV Easy Security Management Application Vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-9345", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Emerson DeltaV Easy Security Management through 13.3", + "version": { + "version_data": [ + { + "version_value": "Emerson DeltaV Easy Security Management through 13.3" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-334-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-334-02" - }, - { - "name" : "94584", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94584" - }, - { - "name" : "105767", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105767" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Emerson DeltaV Easy Security Management DeltaV V12.3, DeltaV V12.3.1, and DeltaV V13.3. Critical vulnerabilities may allow a local attacker to elevate privileges within the DeltaV control system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Emerson DeltaV Easy Security Management Application Vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-334-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-334-02" + }, + { + "name": "105767", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105767" + }, + { + "name": "94584", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94584" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9454.json b/2016/9xxx/CVE-2016-9454.json index 8a6c9ffe0e3..4cd79cac92d 100644 --- a/2016/9xxx/CVE-2016-9454.json +++ b/2016/9xxx/CVE-2016-9454.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "ID" : "CVE-2016-9454", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Revive Adserver All versions before 3.2.3", - "version" : { - "version_data" : [ - { - "version_value" : "Revive Adserver All versions before 3.2.3" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The banner image URL for external banners wasn't properly escaped when displayed in most of the banner related pages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "ID": "CVE-2016-9454", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Revive Adserver All versions before 3.2.3", + "version": { + "version_data": [ + { + "version_value": "Revive Adserver All versions before 3.2.3" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/revive-adserver/revive-adserver/commit/f6880330a8e11e804663f132867e9eb9b1f94e83", - "refsource" : "MISC", - "url" : "https://github.com/revive-adserver/revive-adserver/commit/f6880330a8e11e804663f132867e9eb9b1f94e83" - }, - { - "name" : "https://www.revive-adserver.com/security/revive-sa-2016-001/", - "refsource" : "MISC", - "url" : "https://www.revive-adserver.com/security/revive-sa-2016-001/" - }, - { - "name" : "83964", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/83964" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Revive Adserver before 3.2.3 suffers from Persistent XSS. A vector for persistent XSS attacks via the Revive Adserver user interface exists, requiring a trusted (non-admin) account. The banner image URL for external banners wasn't properly escaped when displayed in most of the banner related pages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "83964", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/83964" + }, + { + "name": "https://www.revive-adserver.com/security/revive-sa-2016-001/", + "refsource": "MISC", + "url": "https://www.revive-adserver.com/security/revive-sa-2016-001/" + }, + { + "name": "https://github.com/revive-adserver/revive-adserver/commit/f6880330a8e11e804663f132867e9eb9b1f94e83", + "refsource": "MISC", + "url": "https://github.com/revive-adserver/revive-adserver/commit/f6880330a8e11e804663f132867e9eb9b1f94e83" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2070.json b/2019/2xxx/CVE-2019-2070.json index 5b3665874bd..24ec5d427ec 100644 --- a/2019/2xxx/CVE-2019-2070.json +++ b/2019/2xxx/CVE-2019-2070.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2070", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2070", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2195.json b/2019/2xxx/CVE-2019-2195.json index 1eabf06e862..dc437559542 100644 --- a/2019/2xxx/CVE-2019-2195.json +++ b/2019/2xxx/CVE-2019-2195.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2195", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2195", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2371.json b/2019/2xxx/CVE-2019-2371.json index a4502bac8a8..7a91cad7bdb 100644 --- a/2019/2xxx/CVE-2019-2371.json +++ b/2019/2xxx/CVE-2019-2371.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2371", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2371", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2878.json b/2019/2xxx/CVE-2019-2878.json index eca297df0d7..6342025d992 100644 --- a/2019/2xxx/CVE-2019-2878.json +++ b/2019/2xxx/CVE-2019-2878.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2878", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2878", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2943.json b/2019/2xxx/CVE-2019-2943.json index 66876da46f8..da2f9e7512c 100644 --- a/2019/2xxx/CVE-2019-2943.json +++ b/2019/2xxx/CVE-2019-2943.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2943", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2943", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3157.json b/2019/3xxx/CVE-2019-3157.json index dd2cfefc559..6ff67529d1d 100644 --- a/2019/3xxx/CVE-2019-3157.json +++ b/2019/3xxx/CVE-2019-3157.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3157", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3157", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3414.json b/2019/3xxx/CVE-2019-3414.json index 3dde1899178..e4fbb648abd 100644 --- a/2019/3xxx/CVE-2019-3414.json +++ b/2019/3xxx/CVE-2019-3414.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3414", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3414", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6472.json b/2019/6xxx/CVE-2019-6472.json index e004ed9c4a0..07e90103579 100644 --- a/2019/6xxx/CVE-2019-6472.json +++ b/2019/6xxx/CVE-2019-6472.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6472", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6472", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6485.json b/2019/6xxx/CVE-2019-6485.json index 9a986b641ef..832a6218176 100644 --- a/2019/6xxx/CVE-2019-6485.json +++ b/2019/6xxx/CVE-2019-6485.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6485", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 allow remote attackers to obtain sensitive plaintext information because of a TLS Padding Oracle Vulnerability when CBC-based cipher suites are enabled." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6485", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/RUB-NDS/TLS-Padding-Oracles", - "refsource" : "MISC", - "url" : "https://github.com/RUB-NDS/TLS-Padding-Oracles" - }, - { - "name" : "https://support.citrix.com/article/CTX240139", - "refsource" : "MISC", - "url" : "https://support.citrix.com/article/CTX240139" - }, - { - "name" : "106783", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106783" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 allow remote attackers to obtain sensitive plaintext information because of a TLS Padding Oracle Vulnerability when CBC-based cipher suites are enabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/RUB-NDS/TLS-Padding-Oracles", + "refsource": "MISC", + "url": "https://github.com/RUB-NDS/TLS-Padding-Oracles" + }, + { + "name": "https://support.citrix.com/article/CTX240139", + "refsource": "MISC", + "url": "https://support.citrix.com/article/CTX240139" + }, + { + "name": "106783", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106783" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6855.json b/2019/6xxx/CVE-2019-6855.json index 84e03875cdc..ca8aeffc86d 100644 --- a/2019/6xxx/CVE-2019-6855.json +++ b/2019/6xxx/CVE-2019-6855.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6855", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6855", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7002.json b/2019/7xxx/CVE-2019-7002.json index 5be3b8fc29f..877dcaee93c 100644 --- a/2019/7xxx/CVE-2019-7002.json +++ b/2019/7xxx/CVE-2019-7002.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7002", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7002", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7208.json b/2019/7xxx/CVE-2019-7208.json index 4e60388eb08..29111cb8bcd 100644 --- a/2019/7xxx/CVE-2019-7208.json +++ b/2019/7xxx/CVE-2019-7208.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7208", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7208", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7915.json b/2019/7xxx/CVE-2019-7915.json index 8f4f4f2094f..35a254f7c1a 100644 --- a/2019/7xxx/CVE-2019-7915.json +++ b/2019/7xxx/CVE-2019-7915.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7915", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7915", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file