From 29be6e8de609fe087b8e89a5c1f61d7c12fd6013 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:09:07 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0062.json | 120 +++++----- 1999/0xxx/CVE-1999-0826.json | 130 +++++------ 2000/1xxx/CVE-2000-1177.json | 140 ++++++------ 2005/2xxx/CVE-2005-2091.json | 160 ++++++------- 2005/2xxx/CVE-2005-2467.json | 210 +++++++++--------- 2005/2xxx/CVE-2005-2517.json | 130 +++++------ 2005/2xxx/CVE-2005-2767.json | 180 +++++++-------- 2005/3xxx/CVE-2005-3153.json | 170 +++++++------- 2005/3xxx/CVE-2005-3491.json | 160 ++++++------- 2005/3xxx/CVE-2005-3712.json | 190 ++++++++-------- 2007/5xxx/CVE-2007-5244.json | 200 ++++++++--------- 2009/2xxx/CVE-2009-2054.json | 170 +++++++------- 2009/2xxx/CVE-2009-2245.json | 34 +-- 2009/2xxx/CVE-2009-2522.json | 34 +-- 2009/3xxx/CVE-2009-3183.json | 160 ++++++------- 2009/3xxx/CVE-2009-3319.json | 130 +++++------ 2009/3xxx/CVE-2009-3807.json | 130 +++++------ 2015/0xxx/CVE-2015-0362.json | 140 ++++++------ 2015/0xxx/CVE-2015-0555.json | 130 +++++------ 2015/0xxx/CVE-2015-0623.json | 120 +++++----- 2015/1xxx/CVE-2015-1202.json | 34 +-- 2015/1xxx/CVE-2015-1530.json | 34 +-- 2015/1xxx/CVE-2015-1761.json | 140 ++++++------ 2015/4xxx/CVE-2015-4157.json | 130 +++++------ 2015/4xxx/CVE-2015-4174.json | 150 ++++++------- 2015/4xxx/CVE-2015-4468.json | 150 ++++++------- 2015/4xxx/CVE-2015-4493.json | 260 +++++++++++----------- 2015/4xxx/CVE-2015-4840.json | 420 +++++++++++++++++------------------ 2015/8xxx/CVE-2015-8123.json | 34 +-- 2015/8xxx/CVE-2015-8263.json | 130 +++++------ 2015/8xxx/CVE-2015-8692.json | 34 +-- 2015/8xxx/CVE-2015-8817.json | 220 +++++++++--------- 2018/2xxx/CVE-2018-2765.json | 166 +++++++------- 2018/2xxx/CVE-2018-2967.json | 148 ++++++------ 2018/6xxx/CVE-2018-6054.json | 172 +++++++------- 2018/6xxx/CVE-2018-6569.json | 120 +++++----- 2018/6xxx/CVE-2018-6769.json | 120 +++++----- 2018/6xxx/CVE-2018-6989.json | 34 +-- 2018/7xxx/CVE-2018-7031.json | 34 +-- 2018/7xxx/CVE-2018-7045.json | 34 +-- 2018/7xxx/CVE-2018-7750.json | 280 +++++++++++------------ 2018/7xxx/CVE-2018-7963.json | 34 +-- 2019/1xxx/CVE-2019-1461.json | 34 +-- 2019/1xxx/CVE-2019-1938.json | 34 +-- 2019/5xxx/CVE-2019-5052.json | 34 +-- 2019/5xxx/CVE-2019-5172.json | 34 +-- 2019/5xxx/CVE-2019-5181.json | 34 +-- 2019/5xxx/CVE-2019-5424.json | 34 +-- 48 files changed, 2960 insertions(+), 2960 deletions(-) diff --git a/1999/0xxx/CVE-1999-0062.json b/1999/0xxx/CVE-1999-0062.json index 73eacace234..041f990ef12 100644 --- a/1999/0xxx/CVE-1999-0062.json +++ b/1999/0xxx/CVE-1999-0062.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0062", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0062", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "7559", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/7559" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "7559", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/7559" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0826.json b/1999/0xxx/CVE-1999-0826.json index 4ca7d2ef27e..14e3de11c27 100644 --- a/1999/0xxx/CVE-1999-0826.json +++ b/1999/0xxx/CVE-1999-0826.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0826", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in FreeBSD angband allows local users to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0826", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "840", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/840" - }, - { - "name" : "1151", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/1151" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in FreeBSD angband allows local users to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1151", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/1151" + }, + { + "name": "840", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/840" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1177.json b/2000/1xxx/CVE-2000-1177.json index 4fa2092fe0e..0e768fc77f9 100644 --- a/2000/1xxx/CVE-2000-1177.json +++ b/2000/1xxx/CVE-2000-1177.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1177", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, and bb-ack.sh in Big Brother (BB) before 1.5d3 allows remote attackers to determine the existence of files and user ID's by specifying the target file in the HISTFILE parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1177", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001121 Big Brother Advisory - Fate Research Labs", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-11/0284.html" - }, - { - "name" : "http://bb4.com/incident.nov21", - "refsource" : "CONFIRM", - "url" : "http://bb4.com/incident.nov21" - }, - { - "name" : "1971", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1971" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, and bb-ack.sh in Big Brother (BB) before 1.5d3 allows remote attackers to determine the existence of files and user ID's by specifying the target file in the HISTFILE parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bb4.com/incident.nov21", + "refsource": "CONFIRM", + "url": "http://bb4.com/incident.nov21" + }, + { + "name": "20001121 Big Brother Advisory - Fate Research Labs", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0284.html" + }, + { + "name": "1971", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1971" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2091.json b/2005/2xxx/CVE-2005-2091.json index 438aafb941d..6c3f18aa3f1 100644 --- a/2005/2xxx/CVE-2005-2091.json +++ b/2005/2xxx/CVE-2005-2091.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2091", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere 5.1 and WebSphere 5.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes WebSphere to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2091", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050606 A new whitepaper by Watchfire - HTTP Request Smuggling", - "refsource" : "BUGTRAQ", - "url" : "http://seclists.org/lists/bugtraq/2005/Jun/0025.html" - }, - { - "name" : "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf", - "refsource" : "MISC", - "url" : "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf" - }, - { - "name" : "http://www.securiteam.com/securityreviews/5GP0220G0U.html", - "refsource" : "MISC", - "url" : "http://www.securiteam.com/securityreviews/5GP0220G0U.html" - }, - { - "name" : "1014367", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014367" - }, - { - "name" : "ibm-websphere-hrs(42898)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42898" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere 5.1 and WebSphere 5.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes WebSphere to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.securiteam.com/securityreviews/5GP0220G0U.html", + "refsource": "MISC", + "url": "http://www.securiteam.com/securityreviews/5GP0220G0U.html" + }, + { + "name": "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf", + "refsource": "MISC", + "url": "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf" + }, + { + "name": "20050606 A new whitepaper by Watchfire - HTTP Request Smuggling", + "refsource": "BUGTRAQ", + "url": "http://seclists.org/lists/bugtraq/2005/Jun/0025.html" + }, + { + "name": "1014367", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014367" + }, + { + "name": "ibm-websphere-hrs(42898)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42898" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2467.json b/2005/2xxx/CVE-2005-2467.json index 0ddd50c4c3c..2ddb9e6439f 100644 --- a/2005/2xxx/CVE-2005-2467.json +++ b/2005/2xxx/CVE-2005-2467.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2467", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to view.php, (2) release parameter to list.php, or (3) F parameter to get_jsrs_data.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2467", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050731 MySQL Eventum Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112292193807958&w=2" - }, - { - "name" : "http://www.gulftech.org/?node=research&article_id=00093-07312005", - "refsource" : "MISC", - "url" : "http://www.gulftech.org/?node=research&article_id=00093-07312005" - }, - { - "name" : "http://lists.mysql.com/eventum-users/2072", - "refsource" : "CONFIRM", - "url" : "http://lists.mysql.com/eventum-users/2072" - }, - { - "name" : "14436", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14436" - }, - { - "name" : "ADV-2005-1287", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/1287" - }, - { - "name" : "18400", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/18400" - }, - { - "name" : "18401", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/18401" - }, - { - "name" : "18402", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/18402" - }, - { - "name" : "1014603", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014603" - }, - { - "name" : "16304", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16304" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to view.php, (2) release parameter to list.php, or (3) F parameter to get_jsrs_data.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2005-1287", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/1287" + }, + { + "name": "16304", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16304" + }, + { + "name": "14436", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14436" + }, + { + "name": "18401", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/18401" + }, + { + "name": "1014603", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014603" + }, + { + "name": "http://lists.mysql.com/eventum-users/2072", + "refsource": "CONFIRM", + "url": "http://lists.mysql.com/eventum-users/2072" + }, + { + "name": "20050731 MySQL Eventum Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112292193807958&w=2" + }, + { + "name": "http://www.gulftech.org/?node=research&article_id=00093-07312005", + "refsource": "MISC", + "url": "http://www.gulftech.org/?node=research&article_id=00093-07312005" + }, + { + "name": "18400", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/18400" + }, + { + "name": "18402", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/18402" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2517.json b/2005/2xxx/CVE-2005-2517.json index 764e04cb4ca..a8d3f716acb 100644 --- a/2005/2xxx/CVE-2005-2517.json +++ b/2005/2xxx/CVE-2005-2517.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2517", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL formatted page to the next page that is browsed by the user, which causes form data to be sent to the wrong site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2517", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2005-08-15", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" - }, - { - "name" : "APPLE-SA-2005-08-17", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL formatted page to the next page that is browsed by the user, which causes form data to be sent to the wrong site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2005-08-15", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" + }, + { + "name": "APPLE-SA-2005-08-17", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2767.json b/2005/2xxx/CVE-2005-2767.json index 5b0548ded9b..816e4594d56 100644 --- a/2005/2xxx/CVE-2005-2767.json +++ b/2005/2xxx/CVE-2005-2767.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2767", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in LeapFTP allows remote attackers to execute arbitrary code via a long Host string in a Site Queue (.lsq) file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2767", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050824 LeapFTP .lsq Buffer Overflow Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112491089723070&w=2" - }, - { - "name" : "http://secway.org/advisory/AD20050824.txt", - "refsource" : "MISC", - "url" : "http://secway.org/advisory/AD20050824.txt" - }, - { - "name" : "http://www.leapware.com/security/2005082301.txt", - "refsource" : "CONFIRM", - "url" : "http://www.leapware.com/security/2005082301.txt" - }, - { - "name" : "14655", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14655" - }, - { - "name" : "1014785", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014785" - }, - { - "name" : "16552", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16552/" - }, - { - "name" : "leapftp-site-queue-bo(21974)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21974" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in LeapFTP allows remote attackers to execute arbitrary code via a long Host string in a Site Queue (.lsq) file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "leapftp-site-queue-bo(21974)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21974" + }, + { + "name": "14655", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14655" + }, + { + "name": "http://www.leapware.com/security/2005082301.txt", + "refsource": "CONFIRM", + "url": "http://www.leapware.com/security/2005082301.txt" + }, + { + "name": "20050824 LeapFTP .lsq Buffer Overflow Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112491089723070&w=2" + }, + { + "name": "1014785", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014785" + }, + { + "name": "http://secway.org/advisory/AD20050824.txt", + "refsource": "MISC", + "url": "http://secway.org/advisory/AD20050824.txt" + }, + { + "name": "16552", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16552/" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3153.json b/2005/3xxx/CVE-2005-3153.json index fd6bc051010..2c7e798b584 100644 --- a/2005/3xxx/CVE-2005-3153.json +++ b/2005/3xxx/CVE-2005-3153.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3153", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "login.php in myBloggie 2.1.3 beta and earlier allows remote attackers to bypass a whitelist regular expression and conduct SQL injection attacks via a username parameter with SQL after a null character, which causes the whitelist check to succeed but injects the SQL into a query string, a different vulnerability than CVE-2005-2838. NOTE: it is possible that this is actually a bug in PHP code, in which case this should not be treated as a myBloggie vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3153", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20051001 MyBloggie 2.1.3beta null char + SQL Injection -> Login Bypass", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112818273307878&w=2" - }, - { - "name" : "http://rgod.altervista.org/mybloggie213b.html", - "refsource" : "MISC", - "url" : "http://rgod.altervista.org/mybloggie213b.html" - }, - { - "name" : "http://mywebland.com/forums/showtopic.php?t=399", - "refsource" : "CONFIRM", - "url" : "http://mywebland.com/forums/showtopic.php?t=399" - }, - { - "name" : "19935", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/19935" - }, - { - "name" : "1014995", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014995" - }, - { - "name" : "42", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/42" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "login.php in myBloggie 2.1.3 beta and earlier allows remote attackers to bypass a whitelist regular expression and conduct SQL injection attacks via a username parameter with SQL after a null character, which causes the whitelist check to succeed but injects the SQL into a query string, a different vulnerability than CVE-2005-2838. NOTE: it is possible that this is actually a bug in PHP code, in which case this should not be treated as a myBloggie vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1014995", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014995" + }, + { + "name": "http://rgod.altervista.org/mybloggie213b.html", + "refsource": "MISC", + "url": "http://rgod.altervista.org/mybloggie213b.html" + }, + { + "name": "20051001 MyBloggie 2.1.3beta null char + SQL Injection -> Login Bypass", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112818273307878&w=2" + }, + { + "name": "42", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/42" + }, + { + "name": "19935", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/19935" + }, + { + "name": "http://mywebland.com/forums/showtopic.php?t=399", + "refsource": "CONFIRM", + "url": "http://mywebland.com/forums/showtopic.php?t=399" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3491.json b/2005/3xxx/CVE-2005-3491.json index 9885e1efa65..817282e56c1 100644 --- a/2005/3xxx/CVE-2005-3491.json +++ b/2005/3xxx/CVE-2005-3491.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3491", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in the receiver function in loop.c in FlatFrag 0.3 and earlier allow remote attackers to execute arbitrary code via the (1) version, (2) name, and (3) model fields." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3491", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20051102 Buffer-overflow and crash in FlatFrag 0.3", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=113096078606274&w=2" - }, - { - "name" : "20051102 Buffer-overflow and crash in FlatFrag 0.3", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/415636/30/0/threaded" - }, - { - "name" : "http://aluigi.altervista.org/adv/flatfragz-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/flatfragz-adv.txt" - }, - { - "name" : "15287", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15287" - }, - { - "name" : "20769", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20769" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in the receiver function in loop.c in FlatFrag 0.3 and earlier allow remote attackers to execute arbitrary code via the (1) version, (2) name, and (3) model fields." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://aluigi.altervista.org/adv/flatfragz-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/flatfragz-adv.txt" + }, + { + "name": "15287", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15287" + }, + { + "name": "20051102 Buffer-overflow and crash in FlatFrag 0.3", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/415636/30/0/threaded" + }, + { + "name": "20769", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20769" + }, + { + "name": "20051102 Buffer-overflow and crash in FlatFrag 0.3", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=113096078606274&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3712.json b/2005/3xxx/CVE-2005-3712.json index f8dc4ebd6ca..b3548879708 100644 --- a/2005/3xxx/CVE-2005-3712.json +++ b/2005/3xxx/CVE-2005-3712.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3712", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3712", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.info.apple.com/article.html?artnum=303382", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=303382" - }, - { - "name" : "APPLE-SA-2006-03-01", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html" - }, - { - "name" : "TA06-062A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-062A.html" - }, - { - "name" : "16907", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16907" - }, - { - "name" : "ADV-2006-0791", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0791" - }, - { - "name" : "23648", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/23648" - }, - { - "name" : "19064", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19064" - }, - { - "name" : "macosx-rsync-bo(25029)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25029" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19064", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19064" + }, + { + "name": "16907", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16907" + }, + { + "name": "ADV-2006-0791", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0791" + }, + { + "name": "APPLE-SA-2006-03-01", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html" + }, + { + "name": "TA06-062A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-062A.html" + }, + { + "name": "23648", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/23648" + }, + { + "name": "macosx-rsync-bo(25029)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25029" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=303382", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=303382" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5244.json b/2007/5xxx/CVE-2007-5244.json index 32ac199c081..9b3c4ee9980 100644 --- a/2007/5xxx/CVE-2007-5244.json +++ b/2007/5xxx/CVE-2007-5244.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5244", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5244", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://risesecurity.org/advisory/RISE-2007002/", - "refsource" : "MISC", - "url" : "http://risesecurity.org/advisory/RISE-2007002/" - }, - { - "name" : "http://risesecurity.org/blog/entry/3/", - "refsource" : "MISC", - "url" : "http://risesecurity.org/blog/entry/3/" - }, - { - "name" : "http://risesecurity.org/exploit/11/", - "refsource" : "MISC", - "url" : "http://risesecurity.org/exploit/11/" - }, - { - "name" : "25917", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25917" - }, - { - "name" : "ADV-2007-3381", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3381" - }, - { - "name" : "38610", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38610" - }, - { - "name" : "1018772", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018772" - }, - { - "name" : "27058", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27058" - }, - { - "name" : "borland-multiple-functions-bo(36956)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25917", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25917" + }, + { + "name": "http://risesecurity.org/blog/entry/3/", + "refsource": "MISC", + "url": "http://risesecurity.org/blog/entry/3/" + }, + { + "name": "1018772", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018772" + }, + { + "name": "ADV-2007-3381", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3381" + }, + { + "name": "borland-multiple-functions-bo(36956)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956" + }, + { + "name": "38610", + "refsource": "OSVDB", + "url": "http://osvdb.org/38610" + }, + { + "name": "http://risesecurity.org/advisory/RISE-2007002/", + "refsource": "MISC", + "url": "http://risesecurity.org/advisory/RISE-2007002/" + }, + { + "name": "http://risesecurity.org/exploit/11/", + "refsource": "MISC", + "url": "http://risesecurity.org/exploit/11/" + }, + { + "name": "27058", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27058" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2054.json b/2009/2xxx/CVE-2009-2054.json index 572b0b33de9..752be208ef0 100644 --- a/2009/2xxx/CVE-2009-2054.json +++ b/2009/2xxx/CVE-2009-2054.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2054", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and SIP outage) via a flood of TCP packets, aka Bug ID CSCsx23689." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2009-2054", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090826 Cisco Unified Communications Manager Denial of Service Vulnerabilities", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml" - }, - { - "name" : "36152", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36152" - }, - { - "name" : "57456", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/57456" - }, - { - "name" : "1022775", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1022775" - }, - { - "name" : "36498", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36498" - }, - { - "name" : "36499", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36499" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and SIP outage) via a flood of TCP packets, aka Bug ID CSCsx23689." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36499", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36499" + }, + { + "name": "36152", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36152" + }, + { + "name": "36498", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36498" + }, + { + "name": "20090826 Cisco Unified Communications Manager Denial of Service Vulnerabilities", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml" + }, + { + "name": "57456", + "refsource": "OSVDB", + "url": "http://osvdb.org/57456" + }, + { + "name": "1022775", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1022775" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2245.json b/2009/2xxx/CVE-2009-2245.json index 92448cf51e5..c0bdaa045d3 100644 --- a/2009/2xxx/CVE-2009-2245.json +++ b/2009/2xxx/CVE-2009-2245.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2245", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2245", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2522.json b/2009/2xxx/CVE-2009-2522.json index c73f79fd670..58ea14494b0 100644 --- a/2009/2xxx/CVE-2009-2522.json +++ b/2009/2xxx/CVE-2009-2522.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2522", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2009-2522", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3183.json b/2009/3xxx/CVE-2009-3183.json index 5d67166ade0..f09e80abc0d 100644 --- a/2009/3xxx/CVE-2009-3183.json +++ b/2009/3xxx/CVE-2009-3183.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3183", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3183", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://unsecurityresearch.blogspot.com/2009/02/advisories-published.html", - "refsource" : "MISC", - "url" : "http://unsecurityresearch.blogspot.com/2009/02/advisories-published.html" - }, - { - "name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-113718-04-1", - "refsource" : "CONFIRM", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-113718-04-1" - }, - { - "name" : "266348", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266348-1" - }, - { - "name" : "58110", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/58110" - }, - { - "name" : "solaris-w1-bo(53188)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53188" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-113718-04-1", + "refsource": "CONFIRM", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-113718-04-1" + }, + { + "name": "http://unsecurityresearch.blogspot.com/2009/02/advisories-published.html", + "refsource": "MISC", + "url": "http://unsecurityresearch.blogspot.com/2009/02/advisories-published.html" + }, + { + "name": "58110", + "refsource": "OSVDB", + "url": "http://osvdb.org/58110" + }, + { + "name": "266348", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266348-1" + }, + { + "name": "solaris-w1-bo(53188)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53188" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3319.json b/2009/3xxx/CVE-2009-3319.json index 0837146cf45..4cc482a04d5 100644 --- a/2009/3xxx/CVE-2009-3319.json +++ b/2009/3xxx/CVE-2009-3319.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3319", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 allows remote attackers to execute arbitrary SQL commands via the id parameter in a sec list action, a different vector than CVE-2006-1018." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3319", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090921 Dawaween V 1.03 <<----SQL Injection Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/506616/100/0/threaded" - }, - { - "name" : "16909", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16909" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 allows remote attackers to execute arbitrary SQL commands via the id parameter in a sec list action, a different vector than CVE-2006-1018." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20090921 Dawaween V 1.03 <<----SQL Injection Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/506616/100/0/threaded" + }, + { + "name": "16909", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16909" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3807.json b/2009/3xxx/CVE-2009-3807.json index 6ae162756a7..66e6ad0508a 100644 --- a/2009/3xxx/CVE-2009-3807.json +++ b/2009/3xxx/CVE-2009-3807.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3807", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in MixVibes 7.043 Pro allows remote attackers to cause a denial of service (crash) via a long string in a .vib file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3807", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "9147", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9147" - }, - { - "name" : "mixvibes-vib-bo(51715)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51715" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in MixVibes 7.043 Pro allows remote attackers to cause a denial of service (crash) via a long string in a .vib file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "mixvibes-vib-bo(51715)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51715" + }, + { + "name": "9147", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9147" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0362.json b/2015/0xxx/CVE-2015-0362.json index 4f066177d0e..811136eab7a 100644 --- a/2015/0xxx/CVE-2015-0362.json +++ b/2015/0xxx/CVE-2015-0362.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0362", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7 allows remote attackers to affect confidentiality via unknown vectors related to BI Publisher Security." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-0362", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" - }, - { - "name" : "72170", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72170" - }, - { - "name" : "oracle-cpujan2015-cve20150362(100076)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100076" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7 allows remote attackers to affect confidentiality via unknown vectors related to BI Publisher Security." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oracle-cpujan2015-cve20150362(100076)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100076" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" + }, + { + "name": "72170", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72170" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0555.json b/2015/0xxx/CVE-2015-0555.json index 8011d6c4eb7..ca933e33807 100644 --- a/2015/0xxx/CVE-2015-0555.json +++ b/2015/0xxx/CVE-2015-0555.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0555", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the XnsSdkDeviceIpInstaller.ocx ActiveX control in Samsung iPOLiS Device Manager 1.12.2 allows remote attackers to execute arbitrary code via a long string in the first argument to the (1) ReadConfigValue or (2) WriteConfigValue function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-0555", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150221 Samsung iPolis XnsSdkDeviceIpInstaller.ocx ActiveX Remote Code Execution Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Feb/81" - }, - { - "name" : "http://packetstormsecurity.com/files/131421/Samsung-iPOLiS-1.12.2-ReadConfigValue-Remote-Code-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131421/Samsung-iPOLiS-1.12.2-ReadConfigValue-Remote-Code-Execution.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the XnsSdkDeviceIpInstaller.ocx ActiveX control in Samsung iPOLiS Device Manager 1.12.2 allows remote attackers to execute arbitrary code via a long string in the first argument to the (1) ReadConfigValue or (2) WriteConfigValue function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/131421/Samsung-iPOLiS-1.12.2-ReadConfigValue-Remote-Code-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131421/Samsung-iPOLiS-1.12.2-ReadConfigValue-Remote-Code-Execution.html" + }, + { + "name": "20150221 Samsung iPolis XnsSdkDeviceIpInstaller.ocx ActiveX Remote Code Execution Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Feb/81" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0623.json b/2015/0xxx/CVE-2015-0623.json index bce654b8ff4..e05978224e3 100644 --- a/2015/0xxx/CVE-2015-0623.json +++ b/2015/0xxx/CVE-2015-0623.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0623", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Administrator report page on Cisco Web Security Appliance (WSA) devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCus40627." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-0623", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150218 Cisco Web Security Appliance Cross-Site Scripting Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0623" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Administrator report page on Cisco Web Security Appliance (WSA) devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCus40627." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150218 Cisco Web Security Appliance Cross-Site Scripting Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0623" + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1202.json b/2015/1xxx/CVE-2015-1202.json index 76923e640df..be0fc68eb3c 100644 --- a/2015/1xxx/CVE-2015-1202.json +++ b/2015/1xxx/CVE-2015-1202.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1202", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-1202", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1530.json b/2015/1xxx/CVE-2015-1530.json index d4514f8089f..4409290e48e 100644 --- a/2015/1xxx/CVE-2015-1530.json +++ b/2015/1xxx/CVE-2015-1530.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1530", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-1530", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1761.json b/2015/1xxx/CVE-2015-1761.json index 8f835b27c05..e3fe4abf85b 100644 --- a/2015/1xxx/CVE-2015-1761.json +++ b/2015/1xxx/CVE-2015-1761.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1761", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an incorrect class during casts of unspecified pointers, which allows remote authenticated users to gain privileges by leveraging certain write access, aka \"SQL Server Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-1761", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05382740", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05382740" - }, - { - "name" : "MS15-058", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-058" - }, - { - "name" : "1032893", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032893" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an incorrect class during casts of unspecified pointers, which allows remote authenticated users to gain privileges by leveraging certain write access, aka \"SQL Server Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032893", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032893" + }, + { + "name": "MS15-058", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-058" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05382740", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05382740" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4157.json b/2015/4xxx/CVE-2015-4157.json index be7f50b8d1b..d78e7c35281 100644 --- a/2015/4xxx/CVE-2015-4157.json +++ b/2015/4xxx/CVE-2015-4157.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4157", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP Content Server allows remote attackers to cause a denial of service (service termination) via unspecified vectors, aka SAP Security Note 2127995." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4157", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150522 SAP Security Notes May 2015", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/May/96" - }, - { - "name" : "74805", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74805" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP Content Server allows remote attackers to cause a denial of service (service termination) via unspecified vectors, aka SAP Security Note 2127995." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74805", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74805" + }, + { + "name": "20150522 SAP Security Notes May 2015", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/May/96" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4174.json b/2015/4xxx/CVE-2015-4174.json index 200e0c99c0b..d83654a1b1c 100644 --- a/2015/4xxx/CVE-2015-4174.json +++ b/2015/4xxx/CVE-2015-4174.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4174", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the integrated web server on the Siemens Climatix BACnet/IP communication module with firmware before 10.34 allows remote attackers to inject arbitrary web script or HTML via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4174", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-176-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-176-01" - }, - { - "name" : "http://packetstormsecurity.com/files/132514/Climatix-BACnet-IP-Communication-Module-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/132514/Climatix-BACnet-IP-Communication-Module-Cross-Site-Scripting.html" - }, - { - "name" : "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-142512.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-142512.pdf" - }, - { - "name" : "75427", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75427" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the integrated web server on the Siemens Climatix BACnet/IP communication module with firmware before 10.34 allows remote attackers to inject arbitrary web script or HTML via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-142512.pdf", + "refsource": "CONFIRM", + "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-142512.pdf" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-176-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-176-01" + }, + { + "name": "75427", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75427" + }, + { + "name": "http://packetstormsecurity.com/files/132514/Climatix-BACnet-IP-Communication-Module-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/132514/Climatix-BACnet-IP-Communication-Module-Cross-Site-Scripting.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4468.json b/2015/4xxx/CVE-2015-4468.json index 751b1ade7c8..5c2a04ebea4 100644 --- a/2015/4xxx/CVE-2015-4468.json +++ b/2015/4xxx/CVE-2015-4468.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4468", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer overflows in the search_chunk function in chmd.c in libmspack before 0.5 allow remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4468", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150203 Possible CVE Requests: libmspack: several issues", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2015/02/03/11" - }, - { - "name" : "http://anonscm.debian.org/cgit/collab-maint/libmspack.git/diff/debian/patches/fix-pointer-arithmetic-overflow.patch?id=a25bb144795e526748b57884daf365732c7e2295", - "refsource" : "CONFIRM", - "url" : "http://anonscm.debian.org/cgit/collab-maint/libmspack.git/diff/debian/patches/fix-pointer-arithmetic-overflow.patch?id=a25bb144795e526748b57884daf365732c7e2295" - }, - { - "name" : "https://bugs.debian.org/774726", - "refsource" : "CONFIRM", - "url" : "https://bugs.debian.org/774726" - }, - { - "name" : "72486", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72486" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer overflows in the search_chunk function in chmd.c in libmspack before 0.5 allow remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CHM file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20150203 Possible CVE Requests: libmspack: several issues", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2015/02/03/11" + }, + { + "name": "https://bugs.debian.org/774726", + "refsource": "CONFIRM", + "url": "https://bugs.debian.org/774726" + }, + { + "name": "72486", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72486" + }, + { + "name": "http://anonscm.debian.org/cgit/collab-maint/libmspack.git/diff/debian/patches/fix-pointer-arithmetic-overflow.patch?id=a25bb144795e526748b57884daf365732c7e2295", + "refsource": "CONFIRM", + "url": "http://anonscm.debian.org/cgit/collab-maint/libmspack.git/diff/debian/patches/fix-pointer-arithmetic-overflow.patch?id=a25bb144795e526748b57884daf365732c7e2295" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4493.json b/2015/4xxx/CVE-2015-4493.json index 14ea1396b8f..660cd7f9618 100644 --- a/2015/4xxx/CVE-2015-4493.json +++ b/2015/4xxx/CVE-2015-4493.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4493", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to CVE-2015-1539." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-4493", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-83.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-83.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1186718", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1186718" - }, - { - "name" : "https://hg.mozilla.org/mozilla-central/rev/a674c7019cb5", - "refsource" : "CONFIRM", - "url" : "https://hg.mozilla.org/mozilla-central/rev/a674c7019cb5" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "DSA-3333", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3333" - }, - { - "name" : "GLSA-201605-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-06" - }, - { - "name" : "RHSA-2015:1586", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1586.html" - }, - { - "name" : "openSUSE-SU-2015:1389", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html" - }, - { - "name" : "openSUSE-SU-2015:1390", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html" - }, - { - "name" : "openSUSE-SU-2015:1453", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html" - }, - { - "name" : "openSUSE-SU-2015:1454", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html" - }, - { - "name" : "USN-2702-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2702-1" - }, - { - "name" : "USN-2702-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2702-2" - }, - { - "name" : "USN-2702-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2702-3" - }, - { - "name" : "1033247", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033247" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to CVE-2015-1539." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:1454", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html" + }, + { + "name": "USN-2702-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2702-3" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1186718", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1186718" + }, + { + "name": "openSUSE-SU-2015:1389", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html" + }, + { + "name": "openSUSE-SU-2015:1453", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html" + }, + { + "name": "RHSA-2015:1586", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1586.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-83.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-83.html" + }, + { + "name": "1033247", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033247" + }, + { + "name": "https://hg.mozilla.org/mozilla-central/rev/a674c7019cb5", + "refsource": "CONFIRM", + "url": "https://hg.mozilla.org/mozilla-central/rev/a674c7019cb5" + }, + { + "name": "USN-2702-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2702-2" + }, + { + "name": "USN-2702-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2702-1" + }, + { + "name": "GLSA-201605-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-06" + }, + { + "name": "DSA-3333", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3333" + }, + { + "name": "openSUSE-SU-2015:1390", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4840.json b/2015/4xxx/CVE-2015-4840.json index 612e894ac2f..9f07a4d7bee 100644 --- a/2015/4xxx/CVE-2015-4840.json +++ b/2015/4xxx/CVE-2015-4840.json @@ -1,212 +1,212 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4840", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-4840", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "DSA-3381", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3381" - }, - { - "name" : "GLSA-201603-11", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-11" - }, - { - "name" : "GLSA-201603-14", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-14" - }, - { - "name" : "RHSA-2016:1430", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1430" - }, - { - "name" : "RHSA-2015:2506", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2506.html" - }, - { - "name" : "RHSA-2015:2507", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2507.html" - }, - { - "name" : "RHSA-2015:2509", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2509.html" - }, - { - "name" : "RHSA-2015:1919", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1919.html" - }, - { - "name" : "RHSA-2015:1920", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1920.html" - }, - { - "name" : "RHSA-2015:1921", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1921.html" - }, - { - "name" : "RHSA-2015:1926", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1926.html" - }, - { - "name" : "RHSA-2015:1927", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1927.html" - }, - { - "name" : "SUSE-SU-2016:0113", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html" - }, - { - "name" : "openSUSE-SU-2016:0270", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" - }, - { - "name" : "SUSE-SU-2015:2166", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html" - }, - { - "name" : "SUSE-SU-2015:2168", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html" - }, - { - "name" : "SUSE-SU-2015:2182", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html" - }, - { - "name" : "SUSE-SU-2015:2192", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html" - }, - { - "name" : "SUSE-SU-2015:2216", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html" - }, - { - "name" : "SUSE-SU-2015:2268", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html" - }, - { - "name" : "SUSE-SU-2015:1874", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html" - }, - { - "name" : "SUSE-SU-2015:1875", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html" - }, - { - "name" : "openSUSE-SU-2015:1902", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html" - }, - { - "name" : "openSUSE-SU-2015:1905", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html" - }, - { - "name" : "openSUSE-SU-2015:1906", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html" - }, - { - "name" : "openSUSE-SU-2015:1971", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html" - }, - { - "name" : "USN-2784-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2784-1" - }, - { - "name" : "77242", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77242" - }, - { - "name" : "1033884", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033884" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2015:2182", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html" + }, + { + "name": "USN-2784-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2784-1" + }, + { + "name": "openSUSE-SU-2015:1905", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html" + }, + { + "name": "SUSE-SU-2015:2192", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html" + }, + { + "name": "openSUSE-SU-2015:1906", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html" + }, + { + "name": "RHSA-2015:2507", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" + }, + { + "name": "RHSA-2016:1430", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1430" + }, + { + "name": "RHSA-2015:2506", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html" + }, + { + "name": "RHSA-2015:2509", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html" + }, + { + "name": "1033884", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033884" + }, + { + "name": "SUSE-SU-2015:2166", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "openSUSE-SU-2016:0270", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" + }, + { + "name": "RHSA-2015:1919", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html" + }, + { + "name": "GLSA-201603-11", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-11" + }, + { + "name": "openSUSE-SU-2015:1902", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html" + }, + { + "name": "RHSA-2015:1920", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html" + }, + { + "name": "GLSA-201603-14", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-14" + }, + { + "name": "SUSE-SU-2015:2216", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html" + }, + { + "name": "RHSA-2015:1927", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html" + }, + { + "name": "openSUSE-SU-2015:1971", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html" + }, + { + "name": "SUSE-SU-2015:2268", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html" + }, + { + "name": "SUSE-SU-2015:2168", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html" + }, + { + "name": "RHSA-2015:1921", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html" + }, + { + "name": "SUSE-SU-2015:1874", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html" + }, + { + "name": "DSA-3381", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3381" + }, + { + "name": "RHSA-2015:1926", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html" + }, + { + "name": "SUSE-SU-2015:1875", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html" + }, + { + "name": "77242", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77242" + }, + { + "name": "SUSE-SU-2016:0113", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8123.json b/2015/8xxx/CVE-2015-8123.json index b402939f018..99d4d407730 100644 --- a/2015/8xxx/CVE-2015-8123.json +++ b/2015/8xxx/CVE-2015-8123.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8123", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8123", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8263.json b/2015/8xxx/CVE-2015-8263.json index a4688ee9f43..0a0c5708fac 100644 --- a/2015/8xxx/CVE-2015-8263.json +++ b/2015/8xxx/CVE-2015-8263.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8263", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-8263", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#403568", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/403568" - }, - { - "name" : "78873", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78873" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "78873", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78873" + }, + { + "name": "VU#403568", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/403568" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8692.json b/2015/8xxx/CVE-2015-8692.json index 2120af9267c..a8a6ca8980e 100644 --- a/2015/8xxx/CVE-2015-8692.json +++ b/2015/8xxx/CVE-2015-8692.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8692", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8692", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8817.json b/2015/8xxx/CVE-2015-8817.json index 6b2249025de..b8562722153 100644 --- a/2015/8xxx/CVE-2015-8817.json +++ b/2015/8xxx/CVE-2015-8817.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8817", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest could use this flaw to crash the guest instance resulting in DoS." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-8817", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160301 CVE request Qemu: OOB access in address_space_rw leads to segmentation fault", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/03/01/1" - }, - { - "name" : "[oss-security] 20160301 Re: CVE request Qemu: OOB access in address_space_rw leads to segmentation fault", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/03/01/10" - }, - { - "name" : "[qemu-stable] 20160127 [PATCH for v2.3.1] exec: Respect as_translate_internal length clamp", - "refsource" : "MLIST", - "url" : "https://lists.gnu.org/archive/html/qemu-stable/2016-01/msg00060.html" - }, - { - "name" : "http://git.qemu.org/?p=qemu.git;a=commit;h=23820dbfc79d1c9dce090b4c555994f2bb6a69b3", - "refsource" : "CONFIRM", - "url" : "http://git.qemu.org/?p=qemu.git;a=commit;h=23820dbfc79d1c9dce090b4c555994f2bb6a69b3" - }, - { - "name" : "http://git.qemu.org/?p=qemu.git;a=commit;h=c3c1bb99d1c11978d9ce94d1bdcf0705378c1459", - "refsource" : "CONFIRM", - "url" : "http://git.qemu.org/?p=qemu.git;a=commit;h=c3c1bb99d1c11978d9ce94d1bdcf0705378c1459" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1300771", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1300771" - }, - { - "name" : "RHSA-2016:2670", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2670.html" - }, - { - "name" : "RHSA-2016:2671", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2671.html" - }, - { - "name" : "RHSA-2016:2704", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2704.html" - }, - { - "name" : "RHSA-2016:2705", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2705.html" - }, - { - "name" : "RHSA-2016:2706", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2706.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest could use this flaw to crash the guest instance resulting in DoS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2016:2671", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2671.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1300771", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1300771" + }, + { + "name": "http://git.qemu.org/?p=qemu.git;a=commit;h=23820dbfc79d1c9dce090b4c555994f2bb6a69b3", + "refsource": "CONFIRM", + "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=23820dbfc79d1c9dce090b4c555994f2bb6a69b3" + }, + { + "name": "RHSA-2016:2706", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2706.html" + }, + { + "name": "[oss-security] 20160301 CVE request Qemu: OOB access in address_space_rw leads to segmentation fault", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/03/01/1" + }, + { + "name": "[oss-security] 20160301 Re: CVE request Qemu: OOB access in address_space_rw leads to segmentation fault", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/03/01/10" + }, + { + "name": "RHSA-2016:2705", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2705.html" + }, + { + "name": "[qemu-stable] 20160127 [PATCH for v2.3.1] exec: Respect as_translate_internal length clamp", + "refsource": "MLIST", + "url": "https://lists.gnu.org/archive/html/qemu-stable/2016-01/msg00060.html" + }, + { + "name": "RHSA-2016:2670", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2670.html" + }, + { + "name": "RHSA-2016:2704", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2704.html" + }, + { + "name": "http://git.qemu.org/?p=qemu.git;a=commit;h=c3c1bb99d1c11978d9ce94d1bdcf0705378c1459", + "refsource": "CONFIRM", + "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=c3c1bb99d1c11978d9ce94d1bdcf0705378c1459" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2765.json b/2018/2xxx/CVE-2018-2765.json index 9f991c98789..b81199968b1 100644 --- a/2018/2xxx/CVE-2018-2765.json +++ b/2018/2xxx/CVE-2018-2765.json @@ -1,85 +1,85 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2765", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Security Service", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "11.1.1.9.0" - }, - { - "version_affected" : "=", - "version_value" : "12.1.3.0.0" - }, - { - "version_affected" : "=", - "version_value" : "12.2.1.2.0" - }, - { - "version_affected" : "=", - "version_value" : "12.2.1.3.0" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Security Service component of Oracle Fusion Middleware (subcomponent: Oracle SSL API). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Security Service. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Security Service accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Security Service. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Security Service accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2765", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Security Service", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "11.1.1.9.0" + }, + { + "version_affected": "=", + "version_value": "12.1.3.0.0" + }, + { + "version_affected": "=", + "version_value": "12.2.1.2.0" + }, + { + "version_affected": "=", + "version_value": "12.2.1.3.0" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name" : "103808", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103808" - }, - { - "name" : "1040695", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040695" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Security Service component of Oracle Fusion Middleware (subcomponent: Oracle SSL API). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Security Service. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Security Service accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Security Service. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Security Service accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1040695", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040695" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + }, + { + "name": "103808", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103808" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2967.json b/2018/2xxx/CVE-2018-2967.json index c05350efd63..53b9d2eb3b3 100644 --- a/2018/2xxx/CVE-2018-2967.json +++ b/2018/2xxx/CVE-2018-2967.json @@ -1,76 +1,76 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2967", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Primavera Unifier", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "16.x" - }, - { - "version_affected" : "=", - "version_value" : "17.x" - }, - { - "version_affected" : "=", - "version_value" : "18.x" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). Supported versions that are affected are 16.x, 17.x and 18.x. Easily exploitable vulnerability allows physical access to compromise Primavera Unifier. While the vulnerability is in Primavera Unifier, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Primavera Unifier accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows physical access to compromise Primavera Unifier. While the vulnerability is in Primavera Unifier, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Primavera Unifier accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2967", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Primavera Unifier", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "16.x" + }, + { + "version_affected": "=", + "version_value": "17.x" + }, + { + "version_affected": "=", + "version_value": "18.x" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" - }, - { - "name" : "104823", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104823" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). Supported versions that are affected are 16.x, 17.x and 18.x. Easily exploitable vulnerability allows physical access to compromise Primavera Unifier. While the vulnerability is in Primavera Unifier, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Primavera Unifier accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows physical access to compromise Primavera Unifier. While the vulnerability is in Primavera Unifier, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Primavera Unifier accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" + }, + { + "name": "104823", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104823" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6054.json b/2018/6xxx/CVE-2018-6054.json index 76dcbe54eb4..5fd2373ed51 100644 --- a/2018/6xxx/CVE-2018-6054.json +++ b/2018/6xxx/CVE-2018-6054.json @@ -1,88 +1,88 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "chrome-cve-admin@google.com", - "ID" : "CVE-2018-6054", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Chrome", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "64.0.3282.119" - } - ] - } - } - ] - }, - "vendor_name" : "Google" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use after free in WebUI in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Use after free" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2018-6054", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "64.0.3282.119" + } + ] + } + } + ] + }, + "vendor_name": "Google" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html" - }, - { - "name" : "https://crbug.com/797511", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/797511" - }, - { - "name" : "DSA-4103", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4103" - }, - { - "name" : "RHSA-2018:0265", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0265" - }, - { - "name" : "102797", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102797" - }, - { - "name" : "1040282", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040282" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use after free in WebUI in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use after free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html" + }, + { + "name": "DSA-4103", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4103" + }, + { + "name": "102797", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102797" + }, + { + "name": "1040282", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040282" + }, + { + "name": "RHSA-2018:0265", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0265" + }, + { + "name": "https://crbug.com/797511", + "refsource": "CONFIRM", + "url": "https://crbug.com/797511" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6569.json b/2018/6xxx/CVE-2018-6569.json index b361ca1e549..5c681253968 100644 --- a/2018/6xxx/CVE-2018-6569.json +++ b/2018/6xxx/CVE-2018-6569.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6569", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "West Wind Web Server 6.x does not require authentication for /ADMIN.ASP." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6569", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://dfdrconsulting.com/cve-2018-6569-west-wind-web-server-unauthenticated-admin-access-process-execution-termination/", - "refsource" : "MISC", - "url" : "http://dfdrconsulting.com/cve-2018-6569-west-wind-web-server-unauthenticated-admin-access-process-execution-termination/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "West Wind Web Server 6.x does not require authentication for /ADMIN.ASP." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://dfdrconsulting.com/cve-2018-6569-west-wind-web-server-unauthenticated-admin-access-process-execution-termination/", + "refsource": "MISC", + "url": "http://dfdrconsulting.com/cve-2018-6569-west-wind-web-server-unauthenticated-admin-access-process-execution-termination/" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6769.json b/2018/6xxx/CVE-2018-6769.json index 6908e4d64a1..417e84ca111 100644 --- a/2018/6xxx/CVE-2018-6769.json +++ b/2018/6xxx/CVE-2018-6769.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6769", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x99008020." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6769", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KrnlCall_99008020", - "refsource" : "MISC", - "url" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KrnlCall_99008020" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x99008020." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KrnlCall_99008020", + "refsource": "MISC", + "url": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KrnlCall_99008020" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6989.json b/2018/6xxx/CVE-2018-6989.json index 0572d227bad..2bb85a44d6e 100644 --- a/2018/6xxx/CVE-2018-6989.json +++ b/2018/6xxx/CVE-2018-6989.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6989", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-6989", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7031.json b/2018/7xxx/CVE-2018-7031.json index dd0178456f6..ce4081056f6 100644 --- a/2018/7xxx/CVE-2018-7031.json +++ b/2018/7xxx/CVE-2018-7031.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7031", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-7031", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7045.json b/2018/7xxx/CVE-2018-7045.json index c328af56e5a..be8f496a477 100644 --- a/2018/7xxx/CVE-2018-7045.json +++ b/2018/7xxx/CVE-2018-7045.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7045", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7045", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7750.json b/2018/7xxx/CVE-2018-7750.json index 7b8e5a586c9..f4bc251d58e 100644 --- a/2018/7xxx/CVE-2018-7750.json +++ b/2018/7xxx/CVE-2018-7750.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7750", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7750", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "45712", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/45712/" - }, - { - "name" : "[debian-lts-announce] 20181027 [SECURITY] [DLA 1556-1] paramiko security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html" - }, - { - "name" : "https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst", - "refsource" : "CONFIRM", - "url" : "https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst" - }, - { - "name" : "https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516", - "refsource" : "CONFIRM", - "url" : "https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516" - }, - { - "name" : "https://github.com/paramiko/paramiko/issues/1175", - "refsource" : "CONFIRM", - "url" : "https://github.com/paramiko/paramiko/issues/1175" - }, - { - "name" : "RHSA-2018:0591", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0591" - }, - { - "name" : "RHSA-2018:0646", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0646" - }, - { - "name" : "RHSA-2018:1124", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1124" - }, - { - "name" : "RHSA-2018:1125", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1125" - }, - { - "name" : "RHSA-2018:1213", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1213" - }, - { - "name" : "RHSA-2018:1274", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1274" - }, - { - "name" : "RHSA-2018:1328", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1328" - }, - { - "name" : "RHSA-2018:1525", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1525" - }, - { - "name" : "RHSA-2018:1972", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1972" - }, - { - "name" : "USN-3603-2", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3603-2/" - }, - { - "name" : "USN-3603-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3603-1/" - }, - { - "name" : "103713", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103713" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2018:1124", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1124" + }, + { + "name": "45712", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/45712/" + }, + { + "name": "https://github.com/paramiko/paramiko/issues/1175", + "refsource": "CONFIRM", + "url": "https://github.com/paramiko/paramiko/issues/1175" + }, + { + "name": "RHSA-2018:1125", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1125" + }, + { + "name": "RHSA-2018:1972", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1972" + }, + { + "name": "RHSA-2018:1274", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1274" + }, + { + "name": "[debian-lts-announce] 20181027 [SECURITY] [DLA 1556-1] paramiko security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00018.html" + }, + { + "name": "USN-3603-2", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3603-2/" + }, + { + "name": "RHSA-2018:0646", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0646" + }, + { + "name": "RHSA-2018:1213", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1213" + }, + { + "name": "USN-3603-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3603-1/" + }, + { + "name": "RHSA-2018:1525", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1525" + }, + { + "name": "RHSA-2018:1328", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1328" + }, + { + "name": "RHSA-2018:0591", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0591" + }, + { + "name": "103713", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103713" + }, + { + "name": "https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516", + "refsource": "CONFIRM", + "url": "https://github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516" + }, + { + "name": "https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst", + "refsource": "CONFIRM", + "url": "https://github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7963.json b/2018/7xxx/CVE-2018-7963.json index dcc639d7a39..600a6d72ed7 100644 --- a/2018/7xxx/CVE-2018-7963.json +++ b/2018/7xxx/CVE-2018-7963.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7963", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-7963", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1461.json b/2019/1xxx/CVE-2019-1461.json index cf5c2a7f3c5..13d873307fc 100644 --- a/2019/1xxx/CVE-2019-1461.json +++ b/2019/1xxx/CVE-2019-1461.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1461", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1461", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1938.json b/2019/1xxx/CVE-2019-1938.json index 61933e0e17b..a5b66e1d13d 100644 --- a/2019/1xxx/CVE-2019-1938.json +++ b/2019/1xxx/CVE-2019-1938.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1938", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1938", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5052.json b/2019/5xxx/CVE-2019-5052.json index 6b7e2a3acaf..b8545616ae4 100644 --- a/2019/5xxx/CVE-2019-5052.json +++ b/2019/5xxx/CVE-2019-5052.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5052", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5052", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5172.json b/2019/5xxx/CVE-2019-5172.json index dc3b267e3ce..c881f21cb6a 100644 --- a/2019/5xxx/CVE-2019-5172.json +++ b/2019/5xxx/CVE-2019-5172.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5172", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5172", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5181.json b/2019/5xxx/CVE-2019-5181.json index 7dc318ec19c..3adb90233a6 100644 --- a/2019/5xxx/CVE-2019-5181.json +++ b/2019/5xxx/CVE-2019-5181.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5181", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5181", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5424.json b/2019/5xxx/CVE-2019-5424.json index c1b667188f5..13813ca17c7 100644 --- a/2019/5xxx/CVE-2019-5424.json +++ b/2019/5xxx/CVE-2019-5424.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5424", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5424", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file