From 282d0c50e6423bb99c6b2705765157356cc8668a Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 04:45:38 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0024.json | 290 +++++++------- 2007/0xxx/CVE-2007-0179.json | 150 ++++---- 2007/0xxx/CVE-2007-0330.json | 170 ++++----- 2007/0xxx/CVE-2007-0780.json | 590 ++++++++++++++--------------- 2007/3xxx/CVE-2007-3008.json | 170 ++++----- 2007/3xxx/CVE-2007-3166.json | 150 ++++---- 2007/6xxx/CVE-2007-6550.json | 170 ++++----- 2014/1xxx/CVE-2014-1220.json | 34 +- 2014/1xxx/CVE-2014-1515.json | 140 +++---- 2014/5xxx/CVE-2014-5055.json | 34 +- 2014/5xxx/CVE-2014-5070.json | 120 +++--- 2014/5xxx/CVE-2014-5234.json | 160 ++++---- 2014/5xxx/CVE-2014-5439.json | 34 +- 2015/2xxx/CVE-2015-2042.json | 240 ++++++------ 2015/2xxx/CVE-2015-2332.json | 140 +++---- 2015/2xxx/CVE-2015-2567.json | 150 ++++---- 2015/6xxx/CVE-2015-6202.json | 34 +- 2015/6xxx/CVE-2015-6368.json | 120 +++--- 2015/6xxx/CVE-2015-6436.json | 34 +- 2015/6xxx/CVE-2015-6496.json | 190 +++++----- 2015/6xxx/CVE-2015-6543.json | 34 +- 2015/6xxx/CVE-2015-6952.json | 34 +- 2015/7xxx/CVE-2015-7283.json | 140 +++---- 2015/7xxx/CVE-2015-7762.json | 160 ++++---- 2016/0xxx/CVE-2016-0016.json | 150 ++++---- 2016/0xxx/CVE-2016-0208.json | 140 +++---- 2016/0xxx/CVE-2016-0400.json | 150 ++++---- 2016/0xxx/CVE-2016-0594.json | 150 ++++---- 2016/0xxx/CVE-2016-0624.json | 34 +- 2016/1000xxx/CVE-2016-1000368.json | 34 +- 2016/10xxx/CVE-2016-10250.json | 140 +++---- 2016/10xxx/CVE-2016-10603.json | 122 +++--- 2016/10xxx/CVE-2016-10647.json | 122 +++--- 2016/4xxx/CVE-2016-4215.json | 140 +++---- 2016/9xxx/CVE-2016-9012.json | 130 +++---- 2016/9xxx/CVE-2016-9475.json | 34 +- 2019/2xxx/CVE-2019-2075.json | 34 +- 2019/2xxx/CVE-2019-2197.json | 34 +- 2019/2xxx/CVE-2019-2626.json | 34 +- 2019/2xxx/CVE-2019-2803.json | 34 +- 2019/2xxx/CVE-2019-2830.json | 34 +- 2019/3xxx/CVE-2019-3091.json | 34 +- 2019/3xxx/CVE-2019-3131.json | 34 +- 2019/3xxx/CVE-2019-3196.json | 34 +- 2019/3xxx/CVE-2019-3426.json | 34 +- 2019/3xxx/CVE-2019-3744.json | 34 +- 2019/6xxx/CVE-2019-6468.json | 34 +- 2019/6xxx/CVE-2019-6706.json | 130 +++---- 2019/6xxx/CVE-2019-6820.json | 34 +- 2019/6xxx/CVE-2019-6955.json | 34 +- 2019/7xxx/CVE-2019-7468.json | 34 +- 2019/7xxx/CVE-2019-7790.json | 34 +- 2019/7xxx/CVE-2019-7800.json | 34 +- 2019/8xxx/CVE-2019-8286.json | 34 +- 2019/8xxx/CVE-2019-8353.json | 34 +- 2019/8xxx/CVE-2019-8536.json | 34 +- 2019/9xxx/CVE-2019-9064.json | 120 +++--- 2019/9xxx/CVE-2019-9203.json | 34 +- 58 files changed, 2882 insertions(+), 2882 deletions(-) diff --git a/2007/0xxx/CVE-2007-0024.json b/2007/0xxx/CVE-2007-0024.json index b62524f8547..ab4bc4d3a8b 100644 --- a/2007/0xxx/CVE-2007-0024.json +++ b/2007/0xxx/CVE-2007-0024.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0024", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the Vector Markup Language (VML) implementation (vgx.dll) in Microsoft Internet Explorer 5.01, 6, and 7 on Windows 2000 SP4, XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted web page that contains unspecified integer properties that cause insufficient memory allocation and trigger a buffer overflow, aka the \"VML Buffer Overrun Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-0024", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070109 Microsoft Windows VML Element Integer Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=462" - }, - { - "name" : "20070116 MS07-004 VML Integer Overflow Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457053/100/0/threaded" - }, - { - "name" : "20070117 Re: MS07-004 VML Integer Overflow Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457164/100/0/threaded" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-009.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-009.htm" - }, - { - "name" : "HPSBST02184", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/457274/100/0/threaded" - }, - { - "name" : "SSRT071296", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/457274/100/0/threaded" - }, - { - "name" : "MS07-004", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-004" - }, - { - "name" : "929969", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/?kbid=929969" - }, - { - "name" : "TA07-009A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-009A.html" - }, - { - "name" : "VU#122084", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/122084" - }, - { - "name" : "21930", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21930" - }, - { - "name" : "ADV-2007-0105", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0105" - }, - { - "name" : "ADV-2007-0129", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0129" - }, - { - "name" : "31250", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/31250" - }, - { - "name" : "oval:org.mitre.oval:def:1058", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1058" - }, - { - "name" : "1017489", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017489" - }, - { - "name" : "23677", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23677" - }, - { - "name" : "ie-vml-record-bo(31287)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31287" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the Vector Markup Language (VML) implementation (vgx.dll) in Microsoft Internet Explorer 5.01, 6, and 7 on Windows 2000 SP4, XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted web page that contains unspecified integer properties that cause insufficient memory allocation and trigger a buffer overflow, aka the \"VML Buffer Overrun Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0129", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0129" + }, + { + "name": "MS07-004", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-004" + }, + { + "name": "TA07-009A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-009A.html" + }, + { + "name": "21930", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21930" + }, + { + "name": "VU#122084", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/122084" + }, + { + "name": "HPSBST02184", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/457274/100/0/threaded" + }, + { + "name": "oval:org.mitre.oval:def:1058", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1058" + }, + { + "name": "23677", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23677" + }, + { + "name": "1017489", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017489" + }, + { + "name": "ie-vml-record-bo(31287)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31287" + }, + { + "name": "20070116 MS07-004 VML Integer Overflow Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457053/100/0/threaded" + }, + { + "name": "ADV-2007-0105", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0105" + }, + { + "name": "31250", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/31250" + }, + { + "name": "SSRT071296", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/457274/100/0/threaded" + }, + { + "name": "20070117 Re: MS07-004 VML Integer Overflow Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457164/100/0/threaded" + }, + { + "name": "929969", + "refsource": "MSKB", + "url": "http://support.microsoft.com/?kbid=929969" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-009.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-009.htm" + }, + { + "name": "20070109 Microsoft Windows VML Element Integer Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=462" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0179.json b/2007/0xxx/CVE-2007-0179.json index 25118a68900..17f9997103e 100644 --- a/2007/0xxx/CVE-2007-0179.json +++ b/2007/0xxx/CVE-2007-0179.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0179", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in comment.php in PHPKIT 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the subid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0179", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070109 Re: PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456384/100/0/threaded" - }, - { - "name" : "21962", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21962" - }, - { - "name" : "31266", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31266" - }, - { - "name" : "2131", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2131" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in comment.php in PHPKIT 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the subid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "31266", + "refsource": "OSVDB", + "url": "http://osvdb.org/31266" + }, + { + "name": "20070109 Re: PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456384/100/0/threaded" + }, + { + "name": "2131", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2131" + }, + { + "name": "21962", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21962" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0330.json b/2007/0xxx/CVE-2007-0330.json index 7e253d7688d..44fd63443d2 100644 --- a/2007/0xxx/CVE-2007-0330.json +++ b/2007/0xxx/CVE-2007-0330.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0330", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:// URL in an HTML document, and possibly other vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0330", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070112 Ipswitch WS_FTP 2007 Professional \"wsftpurl\" access violation vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456755/100/0/threaded" - }, - { - "name" : "20070114 Re: Ipswitch WS_FTP 2007 Professional \"wsftpurl\" access violation vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456901/100/0/threaded" - }, - { - "name" : "20070116 Re: Ipswitch WS_FTP 2007 Professional \"wsftpurl\" access violation vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457097/100/0/threaded" - }, - { - "name" : "22062", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22062" - }, - { - "name" : "33476", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33476" - }, - { - "name" : "2160", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2160" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:// URL in an HTML document, and possibly other vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2160", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2160" + }, + { + "name": "20070116 Re: Ipswitch WS_FTP 2007 Professional \"wsftpurl\" access violation vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457097/100/0/threaded" + }, + { + "name": "20070112 Ipswitch WS_FTP 2007 Professional \"wsftpurl\" access violation vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456755/100/0/threaded" + }, + { + "name": "33476", + "refsource": "OSVDB", + "url": "http://osvdb.org/33476" + }, + { + "name": "22062", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22062" + }, + { + "name": "20070114 Re: Ipswitch WS_FTP 2007 Professional \"wsftpurl\" access violation vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456901/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0780.json b/2007/0xxx/CVE-2007-0780.json index 9ea81aaa817..e610eff8bc8 100644 --- a/2007/0xxx/CVE-2007-0780.json +++ b/2007/0xxx/CVE-2007-0780.json @@ -1,297 +1,297 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0780", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-0780", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070226 rPSA-2007-0040-1 firefox", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461336/100/0/threaded" - }, - { - "name" : "20070303 rPSA-2007-0040-3 firefox thunderbird", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461809/100/0/threaded" - }, - { - "name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-05.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-05.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=354973", - "refsource" : "MISC", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=354973" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1081", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1081" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1103", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1103" - }, - { - "name" : "FEDORA-2007-281", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2713" - }, - { - "name" : "FEDORA-2007-293", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2728" - }, - { - "name" : "GLSA-200703-04", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200703-04.xml" - }, - { - "name" : "GLSA-200703-08", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml" - }, - { - "name" : "HPSBUX02153", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "SSRT061181", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "MDKSA-2007:050", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050" - }, - { - "name" : "RHSA-2007:0079", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0079.html" - }, - { - "name" : "RHSA-2007:0077", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0077.html" - }, - { - "name" : "RHSA-2007:0078", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0078.html" - }, - { - "name" : "RHSA-2007:0097", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0097.html" - }, - { - "name" : "RHSA-2007:0108", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0108.html" - }, - { - "name" : "20070301-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc" - }, - { - "name" : "20070202-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc" - }, - { - "name" : "SSA:2007-066-03", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851" - }, - { - "name" : "SSA:2007-066-05", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131" - }, - { - "name" : "SUSE-SA:2007:019", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html" - }, - { - "name" : "SUSE-SA:2007:022", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html" - }, - { - "name" : "USN-428-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-428-1" - }, - { - "name" : "22694", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22694" - }, - { - "name" : "oval:org.mitre.oval:def:9884", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9884" - }, - { - "name" : "ADV-2007-0718", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0718" - }, - { - "name" : "32107", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/32107" - }, - { - "name" : "1017702", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017702" - }, - { - "name" : "24238", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24238" - }, - { - "name" : "24287", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24287" - }, - { - "name" : "24290", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24290" - }, - { - "name" : "24205", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24205" - }, - { - "name" : "24328", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24328" - }, - { - "name" : "24333", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24333" - }, - { - "name" : "24343", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24343" - }, - { - "name" : "24320", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24320" - }, - { - "name" : "24293", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24293" - }, - { - "name" : "24393", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24393" - }, - { - "name" : "24395", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24395" - }, - { - "name" : "24384", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24384" - }, - { - "name" : "24437", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24437" - }, - { - "name" : "24650", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24650" - }, - { - "name" : "24455", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24455" - }, - { - "name" : "24457", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24457" - }, - { - "name" : "24342", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24342" - }, - { - "name" : "mozilla-dataurl-xss(32667)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32667" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2007:0078", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-05.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-05.html" + }, + { + "name": "24395", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24395" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=354973", + "refsource": "MISC", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=354973" + }, + { + "name": "20070226 rPSA-2007-0040-1 firefox", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded" + }, + { + "name": "24328", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24328" + }, + { + "name": "RHSA-2007:0108", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html" + }, + { + "name": "GLSA-200703-04", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200703-04.xml" + }, + { + "name": "GLSA-200703-08", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml" + }, + { + "name": "oval:org.mitre.oval:def:9884", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9884" + }, + { + "name": "SSA:2007-066-03", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851" + }, + { + "name": "24384", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24384" + }, + { + "name": "24457", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24457" + }, + { + "name": "24343", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24343" + }, + { + "name": "HPSBUX02153", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "ADV-2007-0718", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0718" + }, + { + "name": "24650", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24650" + }, + { + "name": "USN-428-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-428-1" + }, + { + "name": "24320", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24320" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1103", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1103" + }, + { + "name": "32107", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/32107" + }, + { + "name": "SUSE-SA:2007:019", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html" + }, + { + "name": "20070303 rPSA-2007-0040-3 firefox thunderbird", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded" + }, + { + "name": "SUSE-SA:2007:022", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html" + }, + { + "name": "24293", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24293" + }, + { + "name": "24238", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24238" + }, + { + "name": "24393", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24393" + }, + { + "name": "24342", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24342" + }, + { + "name": "24287", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24287" + }, + { + "name": "22694", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22694" + }, + { + "name": "SSRT061181", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "FEDORA-2007-281", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2713" + }, + { + "name": "RHSA-2007:0097", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html" + }, + { + "name": "1017702", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017702" + }, + { + "name": "FEDORA-2007-293", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2728" + }, + { + "name": "20070301-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc" + }, + { + "name": "mozilla-dataurl-xss(32667)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32667" + }, + { + "name": "24205", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24205" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1081", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1081" + }, + { + "name": "24333", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24333" + }, + { + "name": "MDKSA-2007:050", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050" + }, + { + "name": "24290", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24290" + }, + { + "name": "24455", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24455" + }, + { + "name": "RHSA-2007:0077", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html" + }, + { + "name": "20070202-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc" + }, + { + "name": "SSA:2007-066-05", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131" + }, + { + "name": "RHSA-2007:0079", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html" + }, + { + "name": "24437", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24437" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3008.json b/2007/3xxx/CVE-2007-3008.json index 2d195074837..902aee49ab3 100644 --- a/2007/3xxx/CVE-2007-3008.json +++ b/2007/3xxx/CVE-2007-3008.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3008", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mbedthis AppWeb before 2.2.2 enables the HTTP TRACE method, which has unspecified impact probably related to remote information leaks and cross-site tracing (XST) attacks, a related issue to CVE-2004-2320 and CVE-2005-3398." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3008", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.appwebserver.org/forum/viewtopic.php?t=996", - "refsource" : "MISC", - "url" : "http://www.appwebserver.org/forum/viewtopic.php?t=996" - }, - { - "name" : "http://www.mbedthis.com/products/appWeb/doc/product/newFeatures.html", - "refsource" : "CONFIRM", - "url" : "http://www.mbedthis.com/products/appWeb/doc/product/newFeatures.html" - }, - { - "name" : "24456", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24456" - }, - { - "name" : "35511", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/35511" - }, - { - "name" : "25636", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25636" - }, - { - "name" : "mbedthis-httptrace-xss(34854)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34854" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mbedthis AppWeb before 2.2.2 enables the HTTP TRACE method, which has unspecified impact probably related to remote information leaks and cross-site tracing (XST) attacks, a related issue to CVE-2004-2320 and CVE-2005-3398." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.mbedthis.com/products/appWeb/doc/product/newFeatures.html", + "refsource": "CONFIRM", + "url": "http://www.mbedthis.com/products/appWeb/doc/product/newFeatures.html" + }, + { + "name": "mbedthis-httptrace-xss(34854)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34854" + }, + { + "name": "24456", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24456" + }, + { + "name": "35511", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/35511" + }, + { + "name": "25636", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25636" + }, + { + "name": "http://www.appwebserver.org/forum/viewtopic.php?t=996", + "refsource": "MISC", + "url": "http://www.appwebserver.org/forum/viewtopic.php?t=996" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3166.json b/2007/3xxx/CVE-2007-3166.json index e9d6e1b9c24..565a2dee6e2 100644 --- a/2007/3xxx/CVE-2007-3166.json +++ b/2007/3xxx/CVE-2007-3166.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3166", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, remote IMAP servers to execute arbitrary code via a long FLAGS response to a SELECT INBOX command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3166", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4014", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4014" - }, - { - "name" : "24251", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24251" - }, - { - "name" : "36197", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36197" - }, - { - "name" : "eudora-imap-command-execution(34625)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34625" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, remote IMAP servers to execute arbitrary code via a long FLAGS response to a SELECT INBOX command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4014", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4014" + }, + { + "name": "eudora-imap-command-execution(34625)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34625" + }, + { + "name": "36197", + "refsource": "OSVDB", + "url": "http://osvdb.org/36197" + }, + { + "name": "24251", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24251" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6550.json b/2007/6xxx/CVE-2007-6550.json index 77f93a68c6a..3341d6150ca 100644 --- a/2007/6xxx/CVE-2007-6550.json +++ b/2007/6xxx/CVE-2007-6550.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6550", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6550", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4789", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4789" - }, - { - "name" : "27032", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27032" - }, - { - "name" : "ADV-2007-4321", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4321" - }, - { - "name" : "42662", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42662" - }, - { - "name" : "28201", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28201" - }, - { - "name" : "pmoshelpdesk-form-code-execution(39274)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39274" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42662", + "refsource": "OSVDB", + "url": "http://osvdb.org/42662" + }, + { + "name": "ADV-2007-4321", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4321" + }, + { + "name": "4789", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4789" + }, + { + "name": "28201", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28201" + }, + { + "name": "pmoshelpdesk-form-code-execution(39274)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39274" + }, + { + "name": "27032", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27032" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1220.json b/2014/1xxx/CVE-2014-1220.json index ae2d09dbea3..01825c9a57f 100644 --- a/2014/1xxx/CVE-2014-1220.json +++ b/2014/1xxx/CVE-2014-1220.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1220", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1220", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1515.json b/2014/1xxx/CVE-2014-1515.json index 3d5c0a9185d..006fe7a5f48 100644 --- a/2014/1xxx/CVE-2014-1515.json +++ b/2014/1xxx/CVE-2014-1515.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1515", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox before 28.0.1 on Android processes a file: URL by copying a local file onto the SD card, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2014-1515", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140326 Firefox for Android Profile Directory Derandomization and Data Exfiltration (CVE-2014-1484, CVE-2014-1506, CVE-2014-1515, CVE-2014-1516)", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-03/0153.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=945429", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=945429" - }, - { - "name" : "https://www.mozilla.org/security/announce/2014/mfsa2014-33.html", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/announce/2014/mfsa2014-33.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox before 28.0.1 on Android processes a file: URL by copying a local file onto the SD card, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140326 Firefox for Android Profile Directory Derandomization and Data Exfiltration (CVE-2014-1484, CVE-2014-1506, CVE-2014-1515, CVE-2014-1516)", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0153.html" + }, + { + "name": "https://www.mozilla.org/security/announce/2014/mfsa2014-33.html", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/announce/2014/mfsa2014-33.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=945429", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=945429" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5055.json b/2014/5xxx/CVE-2014-5055.json index d44388bd796..086460284ed 100644 --- a/2014/5xxx/CVE-2014-5055.json +++ b/2014/5xxx/CVE-2014-5055.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5055", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5055", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5070.json b/2014/5xxx/CVE-2014-5070.json index cd76a004e7a..b8d547d2efd 100644 --- a/2014/5xxx/CVE-2014-5070.json +++ b/2014/5xxx/CVE-2014-5070.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5070", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5070", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.portcullis.co.uk/security-research-and-downloads/security-advisories/cve-2014-5070/", - "refsource" : "MISC", - "url" : "https://www.portcullis.co.uk/security-research-and-downloads/security-advisories/cve-2014-5070/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.portcullis.co.uk/security-research-and-downloads/security-advisories/cve-2014-5070/", + "refsource": "MISC", + "url": "https://www.portcullis.co.uk/security-research-and-downloads/security-advisories/cve-2014-5070/" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5234.json b/2014/5xxx/CVE-2014-5234.json index 655bd879f94..99679acd838 100644 --- a/2014/5xxx/CVE-2014-5234.json +++ b/2014/5xxx/CVE-2014-5234.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5234", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite before 7.4.2-rev33 and 7.6.x before 7.6.0-rev16 allows remote attackers to inject arbitrary web script or HTML via a folder publication name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5234", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140915 Open-Xchange Security Advisory 2014-09-15", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/533443/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/128257/Open-Xchange-7.6.0-XSS-SSRF-Traversal.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/128257/Open-Xchange-7.6.0-XSS-SSRF-Traversal.html" - }, - { - "name" : "http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_2112_7.6.0_2014-08-25.pdf", - "refsource" : "CONFIRM", - "url" : "http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_2112_7.6.0_2014-08-25.pdf" - }, - { - "name" : "69796", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69796" - }, - { - "name" : "61080", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61080" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite before 7.4.2-rev33 and 7.6.x before 7.6.0-rev16 allows remote attackers to inject arbitrary web script or HTML via a folder publication name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140915 Open-Xchange Security Advisory 2014-09-15", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/533443/100/0/threaded" + }, + { + "name": "69796", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69796" + }, + { + "name": "61080", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61080" + }, + { + "name": "http://packetstormsecurity.com/files/128257/Open-Xchange-7.6.0-XSS-SSRF-Traversal.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/128257/Open-Xchange-7.6.0-XSS-SSRF-Traversal.html" + }, + { + "name": "http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_2112_7.6.0_2014-08-25.pdf", + "refsource": "CONFIRM", + "url": "http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_2112_7.6.0_2014-08-25.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5439.json b/2014/5xxx/CVE-2014-5439.json index 83613c4e26f..ae1da4b2ae1 100644 --- a/2014/5xxx/CVE-2014-5439.json +++ b/2014/5xxx/CVE-2014-5439.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5439", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5439", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2042.json b/2015/2xxx/CVE-2015-2042.json index 077087cc28d..2a7425f1bb1 100644 --- a/2015/2xxx/CVE-2015-2042.json +++ b/2015/2xxx/CVE-2015-2042.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2042", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2042", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150220 CVE-2015-2042 - Linux kernel - incorrect data type in rds_sysctl_rds_table", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/02/20/20" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=db27ebb111e9f69efece08e4cb6a34ff980f8896", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=db27ebb111e9f69efece08e4cb6a34ff980f8896" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1195355", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1195355" - }, - { - "name" : "https://github.com/torvalds/linux/commit/db27ebb111e9f69efece08e4cb6a34ff980f8896", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/db27ebb111e9f69efece08e4cb6a34ff980f8896" - }, - { - "name" : "DSA-3237", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3237" - }, - { - "name" : "SUSE-SU-2015:1478", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html" - }, - { - "name" : "USN-2560-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2560-1" - }, - { - "name" : "USN-2561-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2561-1" - }, - { - "name" : "USN-2562-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2562-1" - }, - { - "name" : "USN-2563-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2563-1" - }, - { - "name" : "USN-2564-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2564-1" - }, - { - "name" : "USN-2565-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2565-1" - }, - { - "name" : "72730", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72730" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-2562-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2562-1" + }, + { + "name": "USN-2565-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2565-1" + }, + { + "name": "USN-2561-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2561-1" + }, + { + "name": "USN-2564-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2564-1" + }, + { + "name": "USN-2563-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2563-1" + }, + { + "name": "72730", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72730" + }, + { + "name": "DSA-3237", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3237" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1195355", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1195355" + }, + { + "name": "USN-2560-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2560-1" + }, + { + "name": "[oss-security] 20150220 CVE-2015-2042 - Linux kernel - incorrect data type in rds_sysctl_rds_table", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/02/20/20" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=db27ebb111e9f69efece08e4cb6a34ff980f8896", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=db27ebb111e9f69efece08e4cb6a34ff980f8896" + }, + { + "name": "SUSE-SU-2015:1478", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html" + }, + { + "name": "https://github.com/torvalds/linux/commit/db27ebb111e9f69efece08e4cb6a34ff980f8896", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/db27ebb111e9f69efece08e4cb6a34ff980f8896" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2332.json b/2015/2xxx/CVE-2015-2332.json index 06f5386b6fa..09b34e6edc1 100644 --- a/2015/2xxx/CVE-2015-2332.json +++ b/2015/2xxx/CVE-2015-2332.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2332", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in member.php in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2332", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.mybb.com/2015/02/15/mybb-1-8-4-released-feature-update-security-maintenance-release/", - "refsource" : "CONFIRM", - "url" : "http://blog.mybb.com/2015/02/15/mybb-1-8-4-released-feature-update-security-maintenance-release/" - }, - { - "name" : "73212", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73212" - }, - { - "name" : "1031953", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031953" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in member.php in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://blog.mybb.com/2015/02/15/mybb-1-8-4-released-feature-update-security-maintenance-release/", + "refsource": "CONFIRM", + "url": "http://blog.mybb.com/2015/02/15/mybb-1-8-4-released-feature-update-security-maintenance-release/" + }, + { + "name": "73212", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73212" + }, + { + "name": "1031953", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031953" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2567.json b/2015/2xxx/CVE-2015-2567.json index 403a94a4645..b99afacb50a 100644 --- a/2015/2xxx/CVE-2015-2567.json +++ b/2015/2xxx/CVE-2015-2567.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2567", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-2567", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" - }, - { - "name" : "GLSA-201507-19", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201507-19" - }, - { - "name" : "SUSE-SU-2015:0946", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html" - }, - { - "name" : "1032121", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032121" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201507-19", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201507-19" + }, + { + "name": "1032121", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032121" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" + }, + { + "name": "SUSE-SU-2015:0946", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6202.json b/2015/6xxx/CVE-2015-6202.json index bff22314913..aff4f55f2f0 100644 --- a/2015/6xxx/CVE-2015-6202.json +++ b/2015/6xxx/CVE-2015-6202.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6202", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6202", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6368.json b/2015/6xxx/CVE-2015-6368.json index 89f2f0ddba0..75265c3a574 100644 --- a/2015/6xxx/CVE-2015-6368.json +++ b/2015/6xxx/CVE-2015-6368.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6368", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to read files via a crafted HTTP request, aka Bug ID CSCux10608." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6368", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151116 Cisco Firepower 9000 Unauthenticated File Access Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-firepower" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to read files via a crafted HTTP request, aka Bug ID CSCux10608." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20151116 Cisco Firepower 9000 Unauthenticated File Access Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-firepower" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6436.json b/2015/6xxx/CVE-2015-6436.json index b4694d608a9..6abd3427940 100644 --- a/2015/6xxx/CVE-2015-6436.json +++ b/2015/6xxx/CVE-2015-6436.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6436", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6436", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6496.json b/2015/6xxx/CVE-2015-6496.json index 0136fbf2aff..a8f9266d757 100644 --- a/2015/6xxx/CVE-2015-6496.json +++ b/2015/6xxx/CVE-2015-6496.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6496", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "conntrackd in conntrack-tools 1.4.2 and earlier does not ensure that the optional kernel modules are loaded before using them, which allows remote attackers to cause a denial of service (crash) via a (1) DCCP, (2) SCTP, or (3) ICMPv6 packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-6496", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150814 CVE request: conntrackd denial of service with unusual network traffic", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/08/14/4" - }, - { - "name" : "[oss-security] 20150817 Re: CVE request: conntrackd denial of service with unusual network traffic", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/08/18/1" - }, - { - "name" : "http://bugzilla.netfilter.org/show_bug.cgi?id=910", - "refsource" : "CONFIRM", - "url" : "http://bugzilla.netfilter.org/show_bug.cgi?id=910" - }, - { - "name" : "https://git.netfilter.org/conntrack-tools/commit/?id=c392c159605956c7bd4a264ab4490e2b2704c0cd", - "refsource" : "CONFIRM", - "url" : "https://git.netfilter.org/conntrack-tools/commit/?id=c392c159605956c7bd4a264ab4490e2b2704c0cd" - }, - { - "name" : "DSA-3341", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3341" - }, - { - "name" : "FEDORA-2015-1aee5e6f0b", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174883.html" - }, - { - "name" : "FEDORA-2015-5eb2131441", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174875.html" - }, - { - "name" : "openSUSE-SU-2015:1688", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-10/msg00015.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "conntrackd in conntrack-tools 1.4.2 and earlier does not ensure that the optional kernel modules are loaded before using them, which allows remote attackers to cause a denial of service (crash) via a (1) DCCP, (2) SCTP, or (3) ICMPv6 packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2015-5eb2131441", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174875.html" + }, + { + "name": "[oss-security] 20150817 Re: CVE request: conntrackd denial of service with unusual network traffic", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/08/18/1" + }, + { + "name": "https://git.netfilter.org/conntrack-tools/commit/?id=c392c159605956c7bd4a264ab4490e2b2704c0cd", + "refsource": "CONFIRM", + "url": "https://git.netfilter.org/conntrack-tools/commit/?id=c392c159605956c7bd4a264ab4490e2b2704c0cd" + }, + { + "name": "FEDORA-2015-1aee5e6f0b", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174883.html" + }, + { + "name": "[oss-security] 20150814 CVE request: conntrackd denial of service with unusual network traffic", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/08/14/4" + }, + { + "name": "openSUSE-SU-2015:1688", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00015.html" + }, + { + "name": "http://bugzilla.netfilter.org/show_bug.cgi?id=910", + "refsource": "CONFIRM", + "url": "http://bugzilla.netfilter.org/show_bug.cgi?id=910" + }, + { + "name": "DSA-3341", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3341" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6543.json b/2015/6xxx/CVE-2015-6543.json index dda9d6afb70..35eca0a32f4 100644 --- a/2015/6xxx/CVE-2015-6543.json +++ b/2015/6xxx/CVE-2015-6543.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6543", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6543", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6952.json b/2015/6xxx/CVE-2015-6952.json index 80e7e401701..aa6a341bec1 100644 --- a/2015/6xxx/CVE-2015-6952.json +++ b/2015/6xxx/CVE-2015-6952.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6952", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6952", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7283.json b/2015/7xxx/CVE-2015-7283.json index ef0bc25dfef..75627ed3c26 100644 --- a/2015/7xxx/CVE-2015-7283.json +++ b/2015/7xxx/CVE-2015-7283.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7283", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web administration interface on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 has a default password of 1234 for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-7283", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#330000", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/330000" - }, - { - "name" : "78819", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78819" - }, - { - "name" : "1034554", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034554" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web administration interface on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 has a default password of 1234 for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034554", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034554" + }, + { + "name": "78819", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78819" + }, + { + "name": "VU#330000", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/330000" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7762.json b/2015/7xxx/CVE-2015-7762.json index ca45d27b1f9..567038d7ed7 100644 --- a/2015/7xxx/CVE-2015-7762.json +++ b/2015/7xxx/CVE-2015-7762.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7762", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7762", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[OpenAFS-announce] 20151028 OpenAFS security release 1.6.15 available", - "refsource" : "MLIST", - "url" : "https://lists.openafs.org/pipermail/openafs-announce/2015/000493.html" - }, - { - "name" : "https://www.openafs.org/dl/openafs/1.6.15/RELNOTES-1.6.15", - "refsource" : "CONFIRM", - "url" : "https://www.openafs.org/dl/openafs/1.6.15/RELNOTES-1.6.15" - }, - { - "name" : "https://www.openafs.org/pages/security/OPENAFS-SA-2015-007.txt", - "refsource" : "CONFIRM", - "url" : "https://www.openafs.org/pages/security/OPENAFS-SA-2015-007.txt" - }, - { - "name" : "DSA-3387", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3387" - }, - { - "name" : "1034039", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034039" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.openafs.org/dl/openafs/1.6.15/RELNOTES-1.6.15", + "refsource": "CONFIRM", + "url": "https://www.openafs.org/dl/openafs/1.6.15/RELNOTES-1.6.15" + }, + { + "name": "https://www.openafs.org/pages/security/OPENAFS-SA-2015-007.txt", + "refsource": "CONFIRM", + "url": "https://www.openafs.org/pages/security/OPENAFS-SA-2015-007.txt" + }, + { + "name": "[OpenAFS-announce] 20151028 OpenAFS security release 1.6.15 available", + "refsource": "MLIST", + "url": "https://lists.openafs.org/pipermail/openafs-announce/2015/000493.html" + }, + { + "name": "1034039", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034039" + }, + { + "name": "DSA-3387", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3387" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0016.json b/2016/0xxx/CVE-2016-0016.json index 04aeaccb3a7..bf7de6adcf1 100644 --- a/2016/0xxx/CVE-2016-0016.json +++ b/2016/0xxx/CVE-2016-0016.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0016", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka \"DLL Loading Remote Code Execution Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0016", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39233", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39233/" - }, - { - "name" : "https://code.google.com/p/google-security-research/issues/detail?id=555", - "refsource" : "MISC", - "url" : "https://code.google.com/p/google-security-research/issues/detail?id=555" - }, - { - "name" : "MS16-007", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-007" - }, - { - "name" : "1034661", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034661" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka \"DLL Loading Remote Code Execution Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39233", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39233/" + }, + { + "name": "MS16-007", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-007" + }, + { + "name": "1034661", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034661" + }, + { + "name": "https://code.google.com/p/google-security-research/issues/detail?id=555", + "refsource": "MISC", + "url": "https://code.google.com/p/google-security-research/issues/detail?id=555" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0208.json b/2016/0xxx/CVE-2016-0208.json index c9939c26e2a..ea3e53cc432 100644 --- a/2016/0xxx/CVE-2016-0208.json +++ b/2016/0xxx/CVE-2016-0208.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0208", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere Commerce 6.x through 6.0.0.11, 7.x through 7.0.0.9, and 8.x before 8.0.0.3 allows remote attackers to cause a denial of service (order-processing outage) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0208", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21975774", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21975774" - }, - { - "name" : "JR54988", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1JR54988" - }, - { - "name" : "1035239", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035239" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere Commerce 6.x through 6.0.0.11, 7.x through 7.0.0.9, and 8.x before 8.0.0.3 allows remote attackers to cause a denial of service (order-processing outage) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JR54988", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR54988" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21975774", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21975774" + }, + { + "name": "1035239", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035239" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0400.json b/2016/0xxx/CVE-2016-0400.json index 6de0aae3253..6627f3be212 100644 --- a/2016/0xxx/CVE-2016-0400.json +++ b/2016/0xxx/CVE-2016-0400.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0400", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0400", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40039", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40039/" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983036", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983036" - }, - { - "name" : "PI60897", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI60897" - }, - { - "name" : "PI60898", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI60898" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "PI60897", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI60897" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21983036", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983036" + }, + { + "name": "40039", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40039/" + }, + { + "name": "PI60898", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI60898" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0594.json b/2016/0xxx/CVE-2016-0594.json index 005c2989835..19ccacbe218 100644 --- a/2016/0xxx/CVE-2016-0594.json +++ b/2016/0xxx/CVE-2016-0594.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0594", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.6.21 and earlier allows remote authenticated users to affect availability via vectors related to DML." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0594", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "openSUSE-SU-2016:0367", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html" - }, - { - "name" : "openSUSE-SU-2016:0377", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html" - }, - { - "name" : "1034708", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034708" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.6.21 and earlier allows remote authenticated users to affect availability via vectors related to DML." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0367", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html" + }, + { + "name": "1034708", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034708" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "openSUSE-SU-2016:0377", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0624.json b/2016/0xxx/CVE-2016-0624.json index 1aa57940947..acda5af3813 100644 --- a/2016/0xxx/CVE-2016-0624.json +++ b/2016/0xxx/CVE-2016-0624.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0624", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0624", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000368.json b/2016/1000xxx/CVE-2016-1000368.json index 698061bbb26..314501cd6f5 100644 --- a/2016/1000xxx/CVE-2016-1000368.json +++ b/2016/1000xxx/CVE-2016-1000368.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000368", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9861. Reason: This candidate is a reservation duplicate of CVE-2016-9861. Notes: All CVE users should reference CVE-2016-9861 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-1000368", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9861. Reason: This candidate is a reservation duplicate of CVE-2016-9861. Notes: All CVE users should reference CVE-2016-9861 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10250.json b/2016/10xxx/CVE-2016-10250.json index e1a88576693..076d4be1f2b 100644 --- a/2016/10xxx/CVE-2016-10250.json +++ b/2016/10xxx/CVE-2016-10250.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10250", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The jp2_colr_destroy function in jp2_cod.c in JasPer before 1.900.13 allows remote attackers to cause a denial of service (NULL pointer dereference) by leveraging incorrect cleanup of JP2 box data on error. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8887." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10250", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blogs.gentoo.org/ago/2016/10/23/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c-incomplete-fix-for-cve-2016-8887/", - "refsource" : "MISC", - "url" : "https://blogs.gentoo.org/ago/2016/10/23/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c-incomplete-fix-for-cve-2016-8887/" - }, - { - "name" : "https://github.com/mdadams/jasper/commit/bdfe95a6e81ffb4b2fad31a76b57943695beed20", - "refsource" : "CONFIRM", - "url" : "https://github.com/mdadams/jasper/commit/bdfe95a6e81ffb4b2fad31a76b57943695beed20" - }, - { - "name" : "USN-3693-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3693-1/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The jp2_colr_destroy function in jp2_cod.c in JasPer before 1.900.13 allows remote attackers to cause a denial of service (NULL pointer dereference) by leveraging incorrect cleanup of JP2 box data on error. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8887." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/mdadams/jasper/commit/bdfe95a6e81ffb4b2fad31a76b57943695beed20", + "refsource": "CONFIRM", + "url": "https://github.com/mdadams/jasper/commit/bdfe95a6e81ffb4b2fad31a76b57943695beed20" + }, + { + "name": "https://blogs.gentoo.org/ago/2016/10/23/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c-incomplete-fix-for-cve-2016-8887/", + "refsource": "MISC", + "url": "https://blogs.gentoo.org/ago/2016/10/23/jasper-null-pointer-dereference-in-jp2_colr_destroy-jp2_cod-c-incomplete-fix-for-cve-2016-8887/" + }, + { + "name": "USN-3693-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3693-1/" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10603.json b/2016/10xxx/CVE-2016-10603.json index 1109fc28a9a..21fea055dcc 100644 --- a/2016/10xxx/CVE-2016-10603.json +++ b/2016/10xxx/CVE-2016-10603.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10603", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "air-sdk node module", - "version" : { - "version_data" : [ - { - "version_value" : "All versions" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "air-sdk is a NPM wrapper for the Adobe AIR SDK. air-sdk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Encryption of Sensitive Data (CWE-311)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10603", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "air-sdk node module", + "version": { + "version_data": [ + { + "version_value": "All versions" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nodesecurity.io/advisories/200", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/200" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "air-sdk is a NPM wrapper for the Adobe AIR SDK. air-sdk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Encryption of Sensitive Data (CWE-311)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/200", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/200" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10647.json b/2016/10xxx/CVE-2016-10647.json index 4f9943f900a..80e899e2bf9 100644 --- a/2016/10xxx/CVE-2016-10647.json +++ b/2016/10xxx/CVE-2016-10647.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10647", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "node-air-sdk node module", - "version" : { - "version_data" : [ - { - "version_value" : "All versions" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "node-air-sdk is an AIR SDK for nodejs. node-air-sdk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Encryption of Sensitive Data (CWE-311)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10647", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "node-air-sdk node module", + "version": { + "version_data": [ + { + "version_value": "All versions" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nodesecurity.io/advisories/250", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/250" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "node-air-sdk is an AIR SDK for nodejs. node-air-sdk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Encryption of Sensitive Data (CWE-311)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/250", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/250" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4215.json b/2016/4xxx/CVE-2016-4215.json index b6b357163b8..a9ab9937ec1 100644 --- a/2016/4xxx/CVE-2016-4215.json +++ b/2016/4xxx/CVE-2016-4215.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4215", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4215", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" - }, - { - "name" : "91712", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91712" - }, - { - "name" : "1036281", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036281" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036281", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036281" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" + }, + { + "name": "91712", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91712" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9012.json b/2016/9xxx/CVE-2016-9012.json index db27983c889..1841df3faf1 100644 --- a/2016/9xxx/CVE-2016-9012.json +++ b/2016/9xxx/CVE-2016-9012.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9012", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CloudVision Portal (CVP) before 2016.1.2.1 allows remote authenticated users to gain access to the internal configuration mechanisms via the management plane, related to a request to /web/system/console/bundle." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9012", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.arista.com/en/support/advisories-notices/security-advisories/2116-security-advisory-27", - "refsource" : "CONFIRM", - "url" : "https://www.arista.com/en/support/advisories-notices/security-advisories/2116-security-advisory-27" - }, - { - "name" : "94635", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94635" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CloudVision Portal (CVP) before 2016.1.2.1 allows remote authenticated users to gain access to the internal configuration mechanisms via the management plane, related to a request to /web/system/console/bundle." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/2116-security-advisory-27", + "refsource": "CONFIRM", + "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/2116-security-advisory-27" + }, + { + "name": "94635", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94635" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9475.json b/2016/9xxx/CVE-2016-9475.json index c22f943b51d..f89c55c1eb4 100644 --- a/2016/9xxx/CVE-2016-9475.json +++ b/2016/9xxx/CVE-2016-9475.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9475", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9475", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2075.json b/2019/2xxx/CVE-2019-2075.json index 0396f996518..c03dde611b5 100644 --- a/2019/2xxx/CVE-2019-2075.json +++ b/2019/2xxx/CVE-2019-2075.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2075", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2075", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2197.json b/2019/2xxx/CVE-2019-2197.json index 742869bdf69..60510c2a708 100644 --- a/2019/2xxx/CVE-2019-2197.json +++ b/2019/2xxx/CVE-2019-2197.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2197", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2197", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2626.json b/2019/2xxx/CVE-2019-2626.json index 4df371e1da6..12f6b1af9a1 100644 --- a/2019/2xxx/CVE-2019-2626.json +++ b/2019/2xxx/CVE-2019-2626.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2626", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2626", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2803.json b/2019/2xxx/CVE-2019-2803.json index 4be3d1477af..1e9dc96433b 100644 --- a/2019/2xxx/CVE-2019-2803.json +++ b/2019/2xxx/CVE-2019-2803.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2803", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2803", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2830.json b/2019/2xxx/CVE-2019-2830.json index a65b0e4fe8d..f7792671bc4 100644 --- a/2019/2xxx/CVE-2019-2830.json +++ b/2019/2xxx/CVE-2019-2830.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2830", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2830", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3091.json b/2019/3xxx/CVE-2019-3091.json index b8e85e19e6a..9f2086fc09e 100644 --- a/2019/3xxx/CVE-2019-3091.json +++ b/2019/3xxx/CVE-2019-3091.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3091", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3091", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3131.json b/2019/3xxx/CVE-2019-3131.json index 5a9b59f5387..f2b6e1a21b0 100644 --- a/2019/3xxx/CVE-2019-3131.json +++ b/2019/3xxx/CVE-2019-3131.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3131", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3131", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3196.json b/2019/3xxx/CVE-2019-3196.json index eabea0723b8..f0249015b31 100644 --- a/2019/3xxx/CVE-2019-3196.json +++ b/2019/3xxx/CVE-2019-3196.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3196", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3196", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3426.json b/2019/3xxx/CVE-2019-3426.json index fceb9b52502..24e59f3fd63 100644 --- a/2019/3xxx/CVE-2019-3426.json +++ b/2019/3xxx/CVE-2019-3426.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3426", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3426", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3744.json b/2019/3xxx/CVE-2019-3744.json index b061db75b2e..b03cfd69bec 100644 --- a/2019/3xxx/CVE-2019-3744.json +++ b/2019/3xxx/CVE-2019-3744.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3744", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3744", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6468.json b/2019/6xxx/CVE-2019-6468.json index 3ae6587e273..06831594e16 100644 --- a/2019/6xxx/CVE-2019-6468.json +++ b/2019/6xxx/CVE-2019-6468.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6468", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6468", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6706.json b/2019/6xxx/CVE-2019-6706.json index e0d2c785fa1..bc1ecc79bfc 100644 --- a/2019/6xxx/CVE-2019-6706.json +++ b/2019/6xxx/CVE-2019-6706.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6706", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6706", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "46246", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/46246/" - }, - { - "name" : "http://lua.2524044.n2.nabble.com/Bug-Report-Use-after-free-in-debug-upvaluejoin-tc7685506.html", - "refsource" : "MISC", - "url" : "http://lua.2524044.n2.nabble.com/Bug-Report-Use-after-free-in-debug-upvaluejoin-tc7685506.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://lua.2524044.n2.nabble.com/Bug-Report-Use-after-free-in-debug-upvaluejoin-tc7685506.html", + "refsource": "MISC", + "url": "http://lua.2524044.n2.nabble.com/Bug-Report-Use-after-free-in-debug-upvaluejoin-tc7685506.html" + }, + { + "name": "46246", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/46246/" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6820.json b/2019/6xxx/CVE-2019-6820.json index a8fc2e0ef9d..a392badf9cd 100644 --- a/2019/6xxx/CVE-2019-6820.json +++ b/2019/6xxx/CVE-2019-6820.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6820", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6820", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6955.json b/2019/6xxx/CVE-2019-6955.json index 33e7d02ff8f..e3051dcfa36 100644 --- a/2019/6xxx/CVE-2019-6955.json +++ b/2019/6xxx/CVE-2019-6955.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6955", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6955", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7468.json b/2019/7xxx/CVE-2019-7468.json index 1192a142294..29712d5bb48 100644 --- a/2019/7xxx/CVE-2019-7468.json +++ b/2019/7xxx/CVE-2019-7468.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7468", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7468", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7790.json b/2019/7xxx/CVE-2019-7790.json index 90d82ebc26b..ac4853abb49 100644 --- a/2019/7xxx/CVE-2019-7790.json +++ b/2019/7xxx/CVE-2019-7790.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7790", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7790", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7800.json b/2019/7xxx/CVE-2019-7800.json index 48d983eb313..fa41e145673 100644 --- a/2019/7xxx/CVE-2019-7800.json +++ b/2019/7xxx/CVE-2019-7800.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7800", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7800", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8286.json b/2019/8xxx/CVE-2019-8286.json index 5526f4c7ec6..9f6a06de394 100644 --- a/2019/8xxx/CVE-2019-8286.json +++ b/2019/8xxx/CVE-2019-8286.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8286", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8286", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8353.json b/2019/8xxx/CVE-2019-8353.json index 3d2644375f4..84793c82bd0 100644 --- a/2019/8xxx/CVE-2019-8353.json +++ b/2019/8xxx/CVE-2019-8353.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8353", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8353", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8536.json b/2019/8xxx/CVE-2019-8536.json index 002d55eee44..2d98abc5808 100644 --- a/2019/8xxx/CVE-2019-8536.json +++ b/2019/8xxx/CVE-2019-8536.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8536", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8536", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9064.json b/2019/9xxx/CVE-2019-9064.json index 41959e17fd3..5a70de3909f 100644 --- a/2019/9xxx/CVE-2019-9064.json +++ b/2019/9xxx/CVE-2019-9064.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9064", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9064", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://hackingvila.wordpress.com/2019/02/18/directory-traveler-or-path-traveler-vulnerability-in-cab-booking-script-php-script-mall/", - "refsource" : "MISC", - "url" : "https://hackingvila.wordpress.com/2019/02/18/directory-traveler-or-path-traveler-vulnerability-in-cab-booking-script-php-script-mall/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://hackingvila.wordpress.com/2019/02/18/directory-traveler-or-path-traveler-vulnerability-in-cab-booking-script-php-script-mall/", + "refsource": "MISC", + "url": "https://hackingvila.wordpress.com/2019/02/18/directory-traveler-or-path-traveler-vulnerability-in-cab-booking-script-php-script-mall/" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9203.json b/2019/9xxx/CVE-2019-9203.json index cc0a9f09ee9..250dfbb758b 100644 --- a/2019/9xxx/CVE-2019-9203.json +++ b/2019/9xxx/CVE-2019-9203.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9203", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9203", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file