From 29d6e97a6460bb6c64e3bdbbe4124020c2239d68 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 22:30:49 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0059.json | 140 ++++++------ 1999/0xxx/CVE-1999-0383.json | 130 +++++------ 1999/1xxx/CVE-1999-1393.json | 130 +++++------ 2005/2xxx/CVE-2005-2359.json | 160 ++++++------- 2005/2xxx/CVE-2005-2443.json | 140 ++++++------ 2005/2xxx/CVE-2005-2587.json | 160 ++++++------- 2005/2xxx/CVE-2005-2828.json | 34 +-- 2005/3xxx/CVE-2005-3027.json | 170 +++++++------- 2005/3xxx/CVE-2005-3428.json | 190 +++++++-------- 2005/3xxx/CVE-2005-3955.json | 260 ++++++++++----------- 2009/2xxx/CVE-2009-2144.json | 130 +++++------ 2009/2xxx/CVE-2009-2520.json | 34 +-- 2009/3xxx/CVE-2009-3024.json | 190 +++++++-------- 2015/0xxx/CVE-2015-0237.json | 130 +++++------ 2015/0xxx/CVE-2015-0297.json | 130 +++++------ 2015/0xxx/CVE-2015-0303.json | 210 ++++++++--------- 2015/0xxx/CVE-2015-0304.json | 220 +++++++++--------- 2015/0xxx/CVE-2015-0420.json | 140 ++++++------ 2015/0xxx/CVE-2015-0726.json | 140 ++++++------ 2015/1xxx/CVE-2015-1872.json | 150 ++++++------ 2015/4xxx/CVE-2015-4065.json | 150 ++++++------ 2015/4xxx/CVE-2015-4919.json | 130 +++++------ 2015/8xxx/CVE-2015-8034.json | 130 +++++------ 2015/8xxx/CVE-2015-8642.json | 230 +++++++++---------- 2015/8xxx/CVE-2015-8867.json | 230 +++++++++---------- 2015/9xxx/CVE-2015-9016.json | 142 ++++++------ 2016/5xxx/CVE-2016-5417.json | 160 ++++++------- 2018/1999xxx/CVE-2018-1999028.json | 126 +++++----- 2018/2xxx/CVE-2018-2217.json | 34 +-- 2018/2xxx/CVE-2018-2275.json | 34 +-- 2018/2xxx/CVE-2018-2331.json | 34 +-- 2018/2xxx/CVE-2018-2343.json | 34 +-- 2018/2xxx/CVE-2018-2663.json | 356 ++++++++++++++--------------- 2018/2xxx/CVE-2018-2694.json | 150 ++++++------ 2018/6xxx/CVE-2018-6123.json | 172 +++++++------- 2018/6xxx/CVE-2018-6246.json | 122 +++++----- 2018/6xxx/CVE-2018-6594.json | 160 ++++++------- 2018/6xxx/CVE-2018-6951.json | 150 ++++++------ 2018/7xxx/CVE-2018-7264.json | 130 +++++------ 2018/7xxx/CVE-2018-7293.json | 34 +-- 2018/7xxx/CVE-2018-7365.json | 160 ++++++------- 2018/7xxx/CVE-2018-7407.json | 140 ++++++------ 2019/1xxx/CVE-2019-1164.json | 34 +-- 2019/1xxx/CVE-2019-1251.json | 34 +-- 2019/1xxx/CVE-2019-1592.json | 34 +-- 2019/5xxx/CVE-2019-5143.json | 34 +-- 2019/5xxx/CVE-2019-5274.json | 34 +-- 2019/5xxx/CVE-2019-5276.json | 34 +-- 2019/5xxx/CVE-2019-5815.json | 34 +-- 49 files changed, 3117 insertions(+), 3117 deletions(-) diff --git a/1999/0xxx/CVE-1999-0059.json b/1999/0xxx/CVE-1999-0059.json index edcfdd1e394..3519399e416 100644 --- a/1999/0xxx/CVE-1999-0059.json +++ b/1999/0xxx/CVE-1999-0059.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0059", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IRIX fam service allows an attacker to obtain a list of all files on the server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0059", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "353", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/353" - }, - { - "name" : "164", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/164" - }, - { - "name" : "irix-fam(325)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/325" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IRIX fam service allows an attacker to obtain a list of all files on the server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "164", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/164" + }, + { + "name": "353", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/353" + }, + { + "name": "irix-fam(325)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/325" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0383.json b/1999/0xxx/CVE-1999-0383.json index b642bfd6f20..b28d705662a 100644 --- a/1999/0xxx/CVE-1999-0383.json +++ b/1999/0xxx/CVE-1999-0383.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0383", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ACC Tigris allows public access without a login." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0383", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "183", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/183" - }, - { - "name" : "267", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/267" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ACC Tigris allows public access without a login." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "267", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/267" + }, + { + "name": "183", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/183" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1393.json b/1999/1xxx/CVE-1999-1393.json index e867d4de985..f040cbfe0c9 100644 --- a/1999/1xxx/CVE-1999-1393.json +++ b/1999/1xxx/CVE-1999-1393.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1393", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Control Panel \"Password Security\" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1393", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://freaky.staticusers.net/macsec/data/powerbooksecurity-data.html", - "refsource" : "MISC", - "url" : "http://freaky.staticusers.net/macsec/data/powerbooksecurity-data.html" - }, - { - "name" : "532", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/532" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Control Panel \"Password Security\" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://freaky.staticusers.net/macsec/data/powerbooksecurity-data.html", + "refsource": "MISC", + "url": "http://freaky.staticusers.net/macsec/data/powerbooksecurity-data.html" + }, + { + "name": "532", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/532" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2359.json b/2005/2xxx/CVE-2005-2359.json index a3a1c312ac0..fa7c576e372 100644 --- a/2005/2xxx/CVE-2005-2359.json +++ b/2005/2xxx/CVE-2005-2359.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2359", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secteam@freebsd.org", + "ID": "CVE-2005-2359", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "FreeBSD-SA-05:19", - "refsource" : "FREEBSD", - "url" : "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc" - }, - { - "name" : "14394", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14394" - }, - { - "name" : "1014586", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014586" - }, - { - "name" : "16244", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16244/" - }, - { - "name" : "freebsd-aesxcbcmac-security-bypass(21551)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21551" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "16244", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16244/" + }, + { + "name": "FreeBSD-SA-05:19", + "refsource": "FREEBSD", + "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc" + }, + { + "name": "freebsd-aesxcbcmac-security-bypass(21551)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21551" + }, + { + "name": "14394", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14394" + }, + { + "name": "1014586", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014586" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2443.json b/2005/2xxx/CVE-2005-2443.json index d1ee91e798d..dce93268c5d 100644 --- a/2005/2xxx/CVE-2005-2443.json +++ b/2005/2xxx/CVE-2005-2443.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2443", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Kshout 2.x and 3.x stores settings.dat under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and passwords." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2443", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050729 Kshout Data Disclosure", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112274114623893&w=2" - }, - { - "name" : "http://www.soulblack.com.ar/repo/papers/advisory/kshout_advisory.txt", - "refsource" : "MISC", - "url" : "http://www.soulblack.com.ar/repo/papers/advisory/kshout_advisory.txt" - }, - { - "name" : "kshout-settings-information-disclosure(24352)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24352" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Kshout 2.x and 3.x stores settings.dat under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and passwords." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.soulblack.com.ar/repo/papers/advisory/kshout_advisory.txt", + "refsource": "MISC", + "url": "http://www.soulblack.com.ar/repo/papers/advisory/kshout_advisory.txt" + }, + { + "name": "20050729 Kshout Data Disclosure", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112274114623893&w=2" + }, + { + "name": "kshout-settings-information-disclosure(24352)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24352" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2587.json b/2005/2xxx/CVE-2005-2587.json index f685f9730c6..b54761bcafd 100644 --- a/2005/2xxx/CVE-2005-2587.json +++ b/2005/2xxx/CVE-2005-2587.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2587", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in emailvalidate.php in PHPTB Topic Boards 2.0 allows remote attackers to execute arbitrary SQL commands via the mid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2587", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050813 SQL in PHPTB Topic Boards 2.0", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112395837127707&w=2" - }, - { - "name" : "14535", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14535" - }, - { - "name" : "18736", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/18736" - }, - { - "name" : "16443", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16443" - }, - { - "name" : "phptb-mid-sql-injection(21813)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21813" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in emailvalidate.php in PHPTB Topic Boards 2.0 allows remote attackers to execute arbitrary SQL commands via the mid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20050813 SQL in PHPTB Topic Boards 2.0", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112395837127707&w=2" + }, + { + "name": "phptb-mid-sql-injection(21813)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21813" + }, + { + "name": "14535", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14535" + }, + { + "name": "16443", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16443" + }, + { + "name": "18736", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/18736" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2828.json b/2005/2xxx/CVE-2005-2828.json index 039ea292355..fdf1ab65f58 100644 --- a/2005/2xxx/CVE-2005-2828.json +++ b/2005/2xxx/CVE-2005-2828.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2828", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2828", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3027.json b/2005/3xxx/CVE-2005-3027.json index 3c43af01576..44980147d92 100644 --- a/2005/3xxx/CVE-2005-3027.json +++ b/2005/3xxx/CVE-2005-3027.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3027", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sybari Antigen 8.0 SR2 does not properly filter SMTP messages, which allows remote attackers to bypass custom filter rules and send file attachments of arbitrary file types via a message with a subject of \"Antigen forwarded attachment\"." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3027", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050919 Antigen 8.0 for Exchange/SMTP Rule Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112714679622107&w=2" - }, - { - "name" : "14875", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14875" - }, - { - "name" : "1014934", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014934" - }, - { - "name" : "16759", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16759/" - }, - { - "name" : "15", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/15" - }, - { - "name" : "antigen-subject-bypass-security(22327)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22327" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sybari Antigen 8.0 SR2 does not properly filter SMTP messages, which allows remote attackers to bypass custom filter rules and send file attachments of arbitrary file types via a message with a subject of \"Antigen forwarded attachment\"." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "antigen-subject-bypass-security(22327)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22327" + }, + { + "name": "1014934", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014934" + }, + { + "name": "15", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/15" + }, + { + "name": "14875", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14875" + }, + { + "name": "16759", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16759/" + }, + { + "name": "20050919 Antigen 8.0 for Exchange/SMTP Rule Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112714679622107&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3428.json b/2005/3xxx/CVE-2005-3428.json index d23aadc9a5a..538aaf219d5 100644 --- a/2005/3xxx/CVE-2005-3428.json +++ b/2005/3xxx/CVE-2005-3428.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3428", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to inject arbitrary web script or HTML via a message body." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3428", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20051028 Multiple vulnerabilities within RockLiffe MailSite Express WebMail", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=113053680631151&w=2" - }, - { - "name" : "20051028 Multiple vulnerabilities within RockLiffe MailSite Express WebMail", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0578.html" - }, - { - "name" : "http://www.security-assessment.com/Advisories/Rockliffe_Express_Webmail_Vulnerabilities.pdf", - "refsource" : "MISC", - "url" : "http://www.security-assessment.com/Advisories/Rockliffe_Express_Webmail_Vulnerabilities.pdf" - }, - { - "name" : "20488", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20488" - }, - { - "name" : "oval:org.mitre.oval:def:1052", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1052" - }, - { - "name" : "1015117", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015117" - }, - { - "name" : "17240", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17240/" - }, - { - "name" : "mailsiteexpress-attachment-script-execution(22907)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22907" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to inject arbitrary web script or HTML via a message body." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20051028 Multiple vulnerabilities within RockLiffe MailSite Express WebMail", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0578.html" + }, + { + "name": "20488", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20488" + }, + { + "name": "mailsiteexpress-attachment-script-execution(22907)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22907" + }, + { + "name": "1015117", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015117" + }, + { + "name": "http://www.security-assessment.com/Advisories/Rockliffe_Express_Webmail_Vulnerabilities.pdf", + "refsource": "MISC", + "url": "http://www.security-assessment.com/Advisories/Rockliffe_Express_Webmail_Vulnerabilities.pdf" + }, + { + "name": "17240", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17240/" + }, + { + "name": "oval:org.mitre.oval:def:1052", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1052" + }, + { + "name": "20051028 Multiple vulnerabilities within RockLiffe MailSite Express WebMail", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=113053680631151&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3955.json b/2005/3xxx/CVE-2005-3955.json index 2362c561dc1..eb59dfdc543 100644 --- a/2005/3xxx/CVE-2005-3955.json +++ b/2005/3xxx/CVE-2005-3955.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3955", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in MagpieRSS 7.1, as used in (a) blogBuddiesv 0.3, (b) Jaws 0.6.2, and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_debug.php and (2) rss_url parameter to (b) magpie_slashbox.php and (c) simple_smarty.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3955", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060626 Jaws <= 0.6.2 'Search gadget' SQL injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/438434/100/0/threaded" - }, - { - "name" : "20150508 Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/May/35" - }, - { - "name" : "http://retrogod.altervista.org/JAWS_062_sql.html", - "refsource" : "MISC", - "url" : "http://retrogod.altervista.org/JAWS_062_sql.html" - }, - { - "name" : "http://www.jaws-project.com/index.php?blog/show/29", - "refsource" : "MISC", - "url" : "http://www.jaws-project.com/index.php?blog/show/29" - }, - { - "name" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1366743&group_id=127552&atid=708847", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1366743&group_id=127552&atid=708847" - }, - { - "name" : "15555", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15555" - }, - { - "name" : "18665", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18665" - }, - { - "name" : "ADV-2006-2546", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2546" - }, - { - "name" : "21112", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/21112" - }, - { - "name" : "21113", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/21113" - }, - { - "name" : "21643", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/21643" - }, - { - "name" : "1015264", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015264" - }, - { - "name" : "17741", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17741" - }, - { - "name" : "20842", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20842" - }, - { - "name" : "jaws-magpieslashbox-xss(27337)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27337" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in MagpieRSS 7.1, as used in (a) blogBuddiesv 0.3, (b) Jaws 0.6.2, and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_debug.php and (2) rss_url parameter to (b) magpie_slashbox.php and (c) simple_smarty.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://retrogod.altervista.org/JAWS_062_sql.html", + "refsource": "MISC", + "url": "http://retrogod.altervista.org/JAWS_062_sql.html" + }, + { + "name": "http://sourceforge.net/tracker/index.php?func=detail&aid=1366743&group_id=127552&atid=708847", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1366743&group_id=127552&atid=708847" + }, + { + "name": "jaws-magpieslashbox-xss(27337)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27337" + }, + { + "name": "20842", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20842" + }, + { + "name": "20150508 Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/May/35" + }, + { + "name": "17741", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17741" + }, + { + "name": "1015264", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015264" + }, + { + "name": "http://www.jaws-project.com/index.php?blog/show/29", + "refsource": "MISC", + "url": "http://www.jaws-project.com/index.php?blog/show/29" + }, + { + "name": "21113", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/21113" + }, + { + "name": "15555", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15555" + }, + { + "name": "20060626 Jaws <= 0.6.2 'Search gadget' SQL injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/438434/100/0/threaded" + }, + { + "name": "21112", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/21112" + }, + { + "name": "ADV-2006-2546", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2546" + }, + { + "name": "21643", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/21643" + }, + { + "name": "18665", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18665" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2144.json b/2009/2xxx/CVE-2009-2144.json index d4da99793fc..45daf22948b 100644 --- a/2009/2xxx/CVE-2009-2144.json +++ b/2009/2xxx/CVE-2009-2144.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2144", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2144", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://firestats.cc/wiki/ChangeLog#a1.6.2-stable13062009", - "refsource" : "CONFIRM", - "url" : "http://firestats.cc/wiki/ChangeLog#a1.6.2-stable13062009" - }, - { - "name" : "35400", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35400" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the FireStats plugin before 1.6.2-stable for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://firestats.cc/wiki/ChangeLog#a1.6.2-stable13062009", + "refsource": "CONFIRM", + "url": "http://firestats.cc/wiki/ChangeLog#a1.6.2-stable13062009" + }, + { + "name": "35400", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35400" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2520.json b/2009/2xxx/CVE-2009-2520.json index e878a9c7f65..e315214155b 100644 --- a/2009/2xxx/CVE-2009-2520.json +++ b/2009/2xxx/CVE-2009-2520.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2520", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2009-2520", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3024.json b/2009/3xxx/CVE-2009-3024.json index 6daf94c81c9..6a164e87852 100644 --- a/2009/3xxx/CVE-2009-3024.json +++ b/2009/3xxx/CVE-2009-3024.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3024", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The verify_hostname_of_cert function in the certificate checking feature in IO-Socket-SSL (IO::Socket::SSL) 1.14 through 1.25 only matches the prefix of a hostname when no wildcard is used, which allows remote attackers to bypass the hostname check for a certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3024", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20090828 CVE request: perl-IO-Socket-SSL certificate hostname compare bug", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2009/08/28/1" - }, - { - "name" : "[oss-security] 20090829 Re: CVE request: perl-IO-Socket-SSL certificate hostname compare bug", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2009/08/29/1" - }, - { - "name" : "[oss-security] 20090831 Re: Re: CVE request: perl-IO-Socket-SSL certificate hostname compare bug", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2009/08/31/4" - }, - { - "name" : "http://cpansearch.perl.org/src/SULLR/IO-Socket-SSL-1.30/Changes", - "refsource" : "CONFIRM", - "url" : "http://cpansearch.perl.org/src/SULLR/IO-Socket-SSL-1.30/Changes" - }, - { - "name" : "GLSA-201101-06", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-201101-06.xml" - }, - { - "name" : "SUSE-SR:2009:015", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html" - }, - { - "name" : "42893", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42893" - }, - { - "name" : "ADV-2011-0118", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0118" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The verify_hostname_of_cert function in the certificate checking feature in IO-Socket-SSL (IO::Socket::SSL) 1.14 through 1.25 only matches the prefix of a hostname when no wildcard is used, which allows remote attackers to bypass the hostname check for a certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://cpansearch.perl.org/src/SULLR/IO-Socket-SSL-1.30/Changes", + "refsource": "CONFIRM", + "url": "http://cpansearch.perl.org/src/SULLR/IO-Socket-SSL-1.30/Changes" + }, + { + "name": "ADV-2011-0118", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0118" + }, + { + "name": "GLSA-201101-06", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-201101-06.xml" + }, + { + "name": "SUSE-SR:2009:015", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html" + }, + { + "name": "42893", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42893" + }, + { + "name": "[oss-security] 20090828 CVE request: perl-IO-Socket-SSL certificate hostname compare bug", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2009/08/28/1" + }, + { + "name": "[oss-security] 20090829 Re: CVE request: perl-IO-Socket-SSL certificate hostname compare bug", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2009/08/29/1" + }, + { + "name": "[oss-security] 20090831 Re: Re: CVE request: perl-IO-Socket-SSL certificate hostname compare bug", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2009/08/31/4" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0237.json b/2015/0xxx/CVE-2015-0237.json index d05ea20c486..3374cfc0104 100644 --- a/2015/0xxx/CVE-2015-0237.json +++ b/2015/0xxx/CVE-2015-0237.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0237", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot chain." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-0237", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "RHSA-2015:0888", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0888.html" - }, - { - "name" : "1032231", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032231" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot chain." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032231", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032231" + }, + { + "name": "RHSA-2015:0888", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0888.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0297.json b/2015/0xxx/CVE-2015-0297.json index a43424bab2b..91887f5f165 100644 --- a/2015/0xxx/CVE-2015-0297.json +++ b/2015/0xxx/CVE-2015-0297.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0297", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methods via the (1) ServerInvokerServlet or (2) SchedulerService or (3) cause a denial of service (disk consumption) via the ContentManager." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-0297", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "RHSA-2015:0862", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0862.html" - }, - { - "name" : "1032181", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032181" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methods via the (1) ServerInvokerServlet or (2) SchedulerService or (3) cause a denial of service (disk consumption) via the ContentManager." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:0862", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0862.html" + }, + { + "name": "1032181", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032181" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0303.json b/2015/0xxx/CVE-2015-0303.json index f1aa7d47305..04a100567bb 100644 --- a/2015/0xxx/CVE-2015-0303.json +++ b/2015/0xxx/CVE-2015-0303.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0303", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0306." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-0303", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://helpx.adobe.com/security/products/flash-player/apsb15-01.html", - "refsource" : "CONFIRM", - "url" : "http://helpx.adobe.com/security/products/flash-player/apsb15-01.html" - }, - { - "name" : "GLSA-201502-02", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201502-02.xml" - }, - { - "name" : "72031", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72031" - }, - { - "name" : "1031525", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031525" - }, - { - "name" : "62252", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62252" - }, - { - "name" : "62371", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62371" - }, - { - "name" : "62740", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62740" - }, - { - "name" : "62177", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62177" - }, - { - "name" : "62187", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62187" - }, - { - "name" : "adobe-cve20150303-code-exec(99983)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99983" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0306." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "62371", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62371" + }, + { + "name": "GLSA-201502-02", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201502-02.xml" + }, + { + "name": "adobe-cve20150303-code-exec(99983)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99983" + }, + { + "name": "62740", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62740" + }, + { + "name": "62177", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62177" + }, + { + "name": "http://helpx.adobe.com/security/products/flash-player/apsb15-01.html", + "refsource": "CONFIRM", + "url": "http://helpx.adobe.com/security/products/flash-player/apsb15-01.html" + }, + { + "name": "62252", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62252" + }, + { + "name": "1031525", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031525" + }, + { + "name": "62187", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62187" + }, + { + "name": "72031", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72031" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0304.json b/2015/0xxx/CVE-2015-0304.json index bf64d0a7d05..320c1b266fc 100644 --- a/2015/0xxx/CVE-2015-0304.json +++ b/2015/0xxx/CVE-2015-0304.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0304", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0309." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-0304", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20141016 Adobe Flash Player Sound Object \"loadCompressedDataFromByteArray\" Heap Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1089" - }, - { - "name" : "http://helpx.adobe.com/security/products/flash-player/apsb15-01.html", - "refsource" : "CONFIRM", - "url" : "http://helpx.adobe.com/security/products/flash-player/apsb15-01.html" - }, - { - "name" : "GLSA-201502-02", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201502-02.xml" - }, - { - "name" : "72032", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72032" - }, - { - "name" : "1031525", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031525" - }, - { - "name" : "62252", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62252" - }, - { - "name" : "62371", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62371" - }, - { - "name" : "62740", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62740" - }, - { - "name" : "62177", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62177" - }, - { - "name" : "62187", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62187" - }, - { - "name" : "adobe-cve20150304-bo(99985)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99985" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0309." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "62371", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62371" + }, + { + "name": "GLSA-201502-02", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201502-02.xml" + }, + { + "name": "62740", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62740" + }, + { + "name": "62177", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62177" + }, + { + "name": "20141016 Adobe Flash Player Sound Object \"loadCompressedDataFromByteArray\" Heap Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1089" + }, + { + "name": "http://helpx.adobe.com/security/products/flash-player/apsb15-01.html", + "refsource": "CONFIRM", + "url": "http://helpx.adobe.com/security/products/flash-player/apsb15-01.html" + }, + { + "name": "62252", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62252" + }, + { + "name": "1031525", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031525" + }, + { + "name": "adobe-cve20150304-bo(99985)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99985" + }, + { + "name": "62187", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62187" + }, + { + "name": "72032", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72032" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0420.json b/2015/0xxx/CVE-2015-0420.json index 34ea1921324..1115c1e1f72 100644 --- a/2015/0xxx/CVE-2015-0420.json +++ b/2015/0xxx/CVE-2015-0420.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0420", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Forms component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Forms Services." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-0420", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" - }, - { - "name" : "72225", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72225" - }, - { - "name" : "62479", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62479" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Forms component in Oracle Fusion Middleware 11.1.1.7 and 11.1.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Forms Services." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" + }, + { + "name": "72225", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72225" + }, + { + "name": "62479", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62479" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0726.json b/2015/0xxx/CVE-2015-0726.json index 8b92f0a82bf..817b73b24ec 100644 --- a/2015/0xxx/CVE-2015-0726.json +++ b/2015/0xxx/CVE-2015-0726.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0726", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web administration interface on Cisco Wireless LAN Controller (WLC) devices before 7.0.241, 7.1.x through 7.4.x before 7.4.122, and 7.5.x and 7.6.x before 7.6.120 allows remote authenticated users to cause a denial of service (device crash) via unspecified parameters, aka Bug IDs CSCum65159 and CSCum65252." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-0726", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150513 Cisco Wireless LAN Controller Web Administration Interface Authenticated Remote Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=38789" - }, - { - "name" : "74641", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74641" - }, - { - "name" : "1032327", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032327" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web administration interface on Cisco Wireless LAN Controller (WLC) devices before 7.0.241, 7.1.x through 7.4.x before 7.4.122, and 7.5.x and 7.6.x before 7.6.120 allows remote authenticated users to cause a denial of service (device crash) via unspecified parameters, aka Bug IDs CSCum65159 and CSCum65252." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150513 Cisco Wireless LAN Controller Web Administration Interface Authenticated Remote Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38789" + }, + { + "name": "1032327", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032327" + }, + { + "name": "74641", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74641" + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1872.json b/2015/1xxx/CVE-2015-1872.json index 750d2ff0223..d5e3136d226 100644 --- a/2015/1xxx/CVE-2015-1872.json +++ b/2015/1xxx/CVE-2015-1872.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1872", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg before 2.5.4 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Motion JPEG data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-1872", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=fabbfaa095660982cc0bc63242c459561fa37037", - "refsource" : "CONFIRM", - "url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=fabbfaa095660982cc0bc63242c459561fa37037" - }, - { - "name" : "USN-2944-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2944-1" - }, - { - "name" : "72644", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72644" - }, - { - "name" : "1033078", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033078" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg before 2.5.4 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Motion JPEG data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=fabbfaa095660982cc0bc63242c459561fa37037", + "refsource": "CONFIRM", + "url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=fabbfaa095660982cc0bc63242c459561fa37037" + }, + { + "name": "USN-2944-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2944-1" + }, + { + "name": "1033078", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033078" + }, + { + "name": "72644", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72644" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4065.json b/2015/4xxx/CVE-2015-4065.json index f2854b897b1..f4dfc915acd 100644 --- a/2015/4xxx/CVE-2015-4065.json +++ b/2015/4xxx/CVE-2015-4065.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4065", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound-shortcodes.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the post parameter to wp-admin/post-new.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4065", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37108", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37108/" - }, - { - "name" : "http://packetstormsecurity.com/files/132037/WordPress-Landing-Pages-1.8.4-Cross-Site-Scripting-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/132037/WordPress-Landing-Pages-1.8.4-Cross-Site-Scripting-SQL-Injection.html" - }, - { - "name" : "https://wordpress.org/plugins/landing-pages/changelog/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/plugins/landing-pages/changelog/" - }, - { - "name" : "74777", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74777" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound-shortcodes.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the post parameter to wp-admin/post-new.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/132037/WordPress-Landing-Pages-1.8.4-Cross-Site-Scripting-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/132037/WordPress-Landing-Pages-1.8.4-Cross-Site-Scripting-SQL-Injection.html" + }, + { + "name": "https://wordpress.org/plugins/landing-pages/changelog/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/plugins/landing-pages/changelog/" + }, + { + "name": "37108", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37108/" + }, + { + "name": "74777", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74777" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4919.json b/2015/4xxx/CVE-2015-4919.json index 17520e7b1f1..96208a11b75 100644 --- a/2015/4xxx/CVE-2015-4919.json +++ b/2015/4xxx/CVE-2015-4919.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4919", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Monitoring and Diagnostics SEC." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-4919", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034722", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034722" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Monitoring and Diagnostics SEC." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034722", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034722" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8034.json b/2015/8xxx/CVE-2015-8034.json index d6406b78d86..8bb7a5fa786 100644 --- a/2015/8xxx/CVE-2015-8034.json +++ b/2015/8xxx/CVE-2015-8034.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8034", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8034", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.saltstack.com/en/latest/topics/releases/2015.8.3.html", - "refsource" : "CONFIRM", - "url" : "https://docs.saltstack.com/en/latest/topics/releases/2015.8.3.html" - }, - { - "name" : "96390", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96390" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "96390", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96390" + }, + { + "name": "https://docs.saltstack.com/en/latest/topics/releases/2015.8.3.html", + "refsource": "CONFIRM", + "url": "https://docs.saltstack.com/en/latest/topics/releases/2015.8.3.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8642.json b/2015/8xxx/CVE-2015-8642.json index ac0900d9d69..44fcd17f02b 100644 --- a/2015/8xxx/CVE-2015-8642.json +++ b/2015/8xxx/CVE-2015-8642.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8642", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8642", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" - }, - { - "name" : "GLSA-201601-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201601-03" - }, - { - "name" : "RHSA-2015:2697", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2697.html" - }, - { - "name" : "SUSE-SU-2015:2401", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html" - }, - { - "name" : "SUSE-SU-2015:2402", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html" - }, - { - "name" : "openSUSE-SU-2015:2400", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html" - }, - { - "name" : "openSUSE-SU-2015:2403", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html" - }, - { - "name" : "79701", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79701" - }, - { - "name" : "1034544", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034544" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:2403", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html" + }, + { + "name": "1034544", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034544" + }, + { + "name": "RHSA-2015:2697", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html" + }, + { + "name": "SUSE-SU-2015:2401", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" + }, + { + "name": "SUSE-SU-2015:2402", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html" + }, + { + "name": "79701", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79701" + }, + { + "name": "openSUSE-SU-2015:2400", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html" + }, + { + "name": "GLSA-201601-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201601-03" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8867.json b/2015/8xxx/CVE-2015-8867.json index cec24bbd3f4..538b8ccc072 100644 --- a/2015/8xxx/CVE-2015-8867.json +++ b/2015/8xxx/CVE-2015-8867.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8867", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8867", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160423 Re: CVE request: PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/04/24/1" - }, - { - "name" : "http://git.php.net/?p=php-src.git;a=commit;h=16023f3e3b9c06cf677c3c980e8d574e4c162827", - "refsource" : "CONFIRM", - "url" : "http://git.php.net/?p=php-src.git;a=commit;h=16023f3e3b9c06cf677c3c980e8d574e4c162827" - }, - { - "name" : "http://www.php.net/ChangeLog-5.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-5.php" - }, - { - "name" : "http://www.php.net/ChangeLog-7.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-7.php" - }, - { - "name" : "https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1534203", - "refsource" : "CONFIRM", - "url" : "https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1534203" - }, - { - "name" : "https://bugs.php.net/bug.php?id=70014", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=70014" - }, - { - "name" : "RHSA-2016:2750", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html" - }, - { - "name" : "SUSE-SU-2016:1277", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00033.html" - }, - { - "name" : "openSUSE-SU-2016:1274", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00031.html" - }, - { - "name" : "openSUSE-SU-2016:1373", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00056.html" - }, - { - "name" : "USN-2952-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2952-1" - }, - { - "name" : "USN-2952-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2952-2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-2952-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2952-1" + }, + { + "name": "http://www.php.net/ChangeLog-7.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-7.php" + }, + { + "name": "https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1534203", + "refsource": "CONFIRM", + "url": "https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1534203" + }, + { + "name": "RHSA-2016:2750", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" + }, + { + "name": "http://git.php.net/?p=php-src.git;a=commit;h=16023f3e3b9c06cf677c3c980e8d574e4c162827", + "refsource": "CONFIRM", + "url": "http://git.php.net/?p=php-src.git;a=commit;h=16023f3e3b9c06cf677c3c980e8d574e4c162827" + }, + { + "name": "USN-2952-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2952-2" + }, + { + "name": "https://bugs.php.net/bug.php?id=70014", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=70014" + }, + { + "name": "http://www.php.net/ChangeLog-5.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-5.php" + }, + { + "name": "openSUSE-SU-2016:1274", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00031.html" + }, + { + "name": "SUSE-SU-2016:1277", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00033.html" + }, + { + "name": "[oss-security] 20160423 Re: CVE request: PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/04/24/1" + }, + { + "name": "openSUSE-SU-2016:1373", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00056.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9016.json b/2015/9xxx/CVE-2015-9016.json index c88dc665c17..b0951be3409 100644 --- a/2015/9xxx/CVE-2015-9016.json +++ b/2015/9xxx/CVE-2015-9016.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2018-02-05T00:00:00", - "ID" : "CVE-2015-9016", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android. Versions: Android kernel. Android ID: A-63083046." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2018-02-05T00:00:00", + "ID": "CVE-2015-9016", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android kernel" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/torvalds/linux/commit/0048b4837affd153897ed1222283492070027aa9", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/0048b4837affd153897ed1222283492070027aa9" - }, - { - "name" : "https://source.android.com/security/bulletin/2018-02-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-02-01" - }, - { - "name" : "DSA-4187", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4187" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android. Versions: Android kernel. Android ID: A-63083046." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-4187", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4187" + }, + { + "name": "https://github.com/torvalds/linux/commit/0048b4837affd153897ed1222283492070027aa9", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/0048b4837affd153897ed1222283492070027aa9" + }, + { + "name": "https://source.android.com/security/bulletin/2018-02-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-02-01" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5417.json b/2016/5xxx/CVE-2016-5417.json index e701005fdf1..a939c49e196 100644 --- a/2016/5xxx/CVE-2016-5417.json +++ b/2016/5xxx/CVE-2016-5417.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-5417", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial initialization of internal resolver data structures." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-5417", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[libc-alpha] 20160804 The GNU C Library version 2.24 is now available", - "refsource" : "MLIST", - "url" : "https://www.sourceware.org/ml/libc-alpha/2016-08/msg00212.html" - }, - { - "name" : "[oss-security] 20160802 glibc: Per-thread memory leak in __res_vinit with IPv6 nameservers (CVE-2016-5417)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/08/02/5" - }, - { - "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=19257", - "refsource" : "CONFIRM", - "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=19257" - }, - { - "name" : "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=2212c1420c92a33b0e0bd9a34938c9814a56c0f7", - "refsource" : "CONFIRM", - "url" : "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=2212c1420c92a33b0e0bd9a34938c9814a56c0f7" - }, - { - "name" : "92257", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92257" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Memory leak in the __res_vinit function in the IPv6 name server management code in libresolv in GNU C Library (aka glibc or libc6) before 2.24 allows remote attackers to cause a denial of service (memory consumption) by leveraging partial initialization of internal resolver data structures." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=19257", + "refsource": "CONFIRM", + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19257" + }, + { + "name": "92257", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92257" + }, + { + "name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=2212c1420c92a33b0e0bd9a34938c9814a56c0f7", + "refsource": "CONFIRM", + "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=2212c1420c92a33b0e0bd9a34938c9814a56c0f7" + }, + { + "name": "[oss-security] 20160802 glibc: Per-thread memory leak in __res_vinit with IPv6 nameservers (CVE-2016-5417)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/08/02/5" + }, + { + "name": "[libc-alpha] 20160804 The GNU C Library version 2.24 is now available", + "refsource": "MLIST", + "url": "https://www.sourceware.org/ml/libc-alpha/2016-08/msg00212.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/1999xxx/CVE-2018-1999028.json b/2018/1999xxx/CVE-2018-1999028.json index b94d2378d87..d3cda9e1705 100644 --- a/2018/1999xxx/CVE-2018-1999028.json +++ b/2018/1999xxx/CVE-2018-1999028.json @@ -1,65 +1,65 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "kurt@seifried.org", - "DATE_ASSIGNED" : "2018-07-31T15:54:50.969769", - "DATE_REQUESTED" : "2018-07-30T00:00:00", - "ID" : "CVE-2018-1999028", - "REQUESTER" : "ml@beckweb.net", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Jenkins Accurev Plugin", - "version" : { - "version_data" : [ - { - "version_value" : "0.7.16 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Jenkins project" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An exposure of sensitive information vulnerability exists in Jenkins Accurev Plugin 0.7.16 and earlier in AccurevSCM.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-285" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_ASSIGNED": "2018-07-31T15:54:50.969769", + "DATE_REQUESTED": "2018-07-30T00:00:00", + "ID": "CVE-2018-1999028", + "REQUESTER": "ml@beckweb.net", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://jenkins.io/security/advisory/2018-07-30/#SECURITY-1021", - "refsource" : "CONFIRM", - "url" : "https://jenkins.io/security/advisory/2018-07-30/#SECURITY-1021" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An exposure of sensitive information vulnerability exists in Jenkins Accurev Plugin 0.7.16 and earlier in AccurevSCM.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://jenkins.io/security/advisory/2018-07-30/#SECURITY-1021", + "refsource": "CONFIRM", + "url": "https://jenkins.io/security/advisory/2018-07-30/#SECURITY-1021" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2217.json b/2018/2xxx/CVE-2018-2217.json index 876f61c6678..fa9f41d7acb 100644 --- a/2018/2xxx/CVE-2018-2217.json +++ b/2018/2xxx/CVE-2018-2217.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2217", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2217", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2275.json b/2018/2xxx/CVE-2018-2275.json index fa0eff80cb5..b11445ca841 100644 --- a/2018/2xxx/CVE-2018-2275.json +++ b/2018/2xxx/CVE-2018-2275.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2275", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2275", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2331.json b/2018/2xxx/CVE-2018-2331.json index ca3e0679773..e6a6cf38f23 100644 --- a/2018/2xxx/CVE-2018-2331.json +++ b/2018/2xxx/CVE-2018-2331.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2331", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2331", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2343.json b/2018/2xxx/CVE-2018-2343.json index 87c3e2677ed..04d8c0f9719 100644 --- a/2018/2xxx/CVE-2018-2343.json +++ b/2018/2xxx/CVE-2018-2343.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2343", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2343", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2663.json b/2018/2xxx/CVE-2018-2663.json index d9865cf05b4..59a847d736d 100644 --- a/2018/2xxx/CVE-2018-2663.json +++ b/2018/2xxx/CVE-2018-2663.json @@ -1,180 +1,180 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2663", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Java", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "Java SE: 6u171" - }, - { - "version_affected" : "=", - "version_value" : "7u161" - }, - { - "version_affected" : "=", - "version_value" : "8u152" - }, - { - "version_affected" : "=", - "version_value" : "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2663", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Java", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Java SE: 6u171" + }, + { + "version_affected": "=", + "version_value": "7u161" + }, + { + "version_affected": "=", + "version_value": "8u152" + }, + { + "version_affected": "=", + "version_value": "9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180117-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180117-0001/" - }, - { - "name" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", - "refsource" : "CONFIRM", - "url" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" - }, - { - "name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", - "refsource" : "CONFIRM", - "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" - }, - { - "name" : "DSA-4144", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4144" - }, - { - "name" : "DSA-4166", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4166" - }, - { - "name" : "RHSA-2018:0095", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0095" - }, - { - "name" : "RHSA-2018:0099", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0099" - }, - { - "name" : "RHSA-2018:0100", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0100" - }, - { - "name" : "RHSA-2018:0115", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0115" - }, - { - "name" : "RHSA-2018:0349", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0349" - }, - { - "name" : "RHSA-2018:0351", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0351" - }, - { - "name" : "RHSA-2018:0352", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0352" - }, - { - "name" : "RHSA-2018:0458", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0458" - }, - { - "name" : "RHSA-2018:0521", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0521" - }, - { - "name" : "RHSA-2018:1463", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1463" - }, - { - "name" : "RHSA-2018:1812", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1812" - }, - { - "name" : "USN-3613-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3613-1/" - }, - { - "name" : "USN-3614-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3614-1/" - }, - { - "name" : "102662", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102662" - }, - { - "name" : "1040203", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040203" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "102662", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102662" + }, + { + "name": "RHSA-2018:0351", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0351" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180117-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" + }, + { + "name": "USN-3614-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3614-1/" + }, + { + "name": "DSA-4166", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4166" + }, + { + "name": "RHSA-2018:0095", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0095" + }, + { + "name": "DSA-4144", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4144" + }, + { + "name": "RHSA-2018:0521", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0521" + }, + { + "name": "RHSA-2018:0352", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0352" + }, + { + "name": "RHSA-2018:0115", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0115" + }, + { + "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", + "refsource": "CONFIRM", + "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" + }, + { + "name": "[debian-lts-announce] 20180403 [SECURITY] [DLA 1339-1] openjdk-7 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" + }, + { + "name": "RHSA-2018:1812", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1812" + }, + { + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", + "refsource": "CONFIRM", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" + }, + { + "name": "RHSA-2018:0099", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0099" + }, + { + "name": "RHSA-2018:1463", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1463" + }, + { + "name": "RHSA-2018:0458", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0458" + }, + { + "name": "RHSA-2018:0349", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0349" + }, + { + "name": "1040203", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040203" + }, + { + "name": "USN-3613-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3613-1/" + }, + { + "name": "RHSA-2018:0100", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0100" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2694.json b/2018/2xxx/CVE-2018-2694.json index cbcafedbf00..75f099153f1 100644 --- a/2018/2xxx/CVE-2018-2694.json +++ b/2018/2xxx/CVE-2018-2694.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2694", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "VM VirtualBox", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "5.1.32" - }, - { - "version_affected" : "<", - "version_value" : "5.2.6" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2694", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "VM VirtualBox", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.1.32" + }, + { + "version_affected": "<", + "version_value": "5.2.6" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "102687", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102687" - }, - { - "name" : "1040202", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040202" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "1040202", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040202" + }, + { + "name": "102687", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102687" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6123.json b/2018/6xxx/CVE-2018-6123.json index c4493ff1c5f..bca91e5641f 100644 --- a/2018/6xxx/CVE-2018-6123.json +++ b/2018/6xxx/CVE-2018-6123.json @@ -1,88 +1,88 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "chrome-cve-admin@google.com", - "ID" : "CVE-2018-6123", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Chrome", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "67.0.3396.62" - } - ] - } - } - ] - }, - "vendor_name" : "Google" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A use after free in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Use after free" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2018-6123", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "67.0.3396.62" + } + ] + } + } + ] + }, + "vendor_name": "Google" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://crbug.com/835639", - "refsource" : "MISC", - "url" : "https://crbug.com/835639" - }, - { - "name" : "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html" - }, - { - "name" : "DSA-4237", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4237" - }, - { - "name" : "RHSA-2018:1815", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1815" - }, - { - "name" : "104309", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104309" - }, - { - "name" : "1041014", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041014" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A use after free in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use after free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "104309", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104309" + }, + { + "name": "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html" + }, + { + "name": "1041014", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041014" + }, + { + "name": "RHSA-2018:1815", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1815" + }, + { + "name": "https://crbug.com/835639", + "refsource": "MISC", + "url": "https://crbug.com/835639" + }, + { + "name": "DSA-4237", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4237" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6246.json b/2018/6xxx/CVE-2018-6246.json index 978ee6ceddf..ef253dff546 100644 --- a/2018/6xxx/CVE-2018-6246.json +++ b/2018/6xxx/CVE-2018-6246.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@nvidia.com", - "DATE_PUBLIC" : "2018-05-07T00:00:00", - "ID" : "CVE-2018-6246", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "NA" - } - ] - } - } - ] - }, - "vendor_name" : "Nvidia Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before the 2018-05-05 security patch level, NVIDIA Widevine Trustlet contains a vulnerability in Widevine TA where the software reads data past the end, or before the beginning, of the intended buffer, which may lead to Information Disclosure. This issue is rated as moderate. Android: A-69383916. Reference: N-CVE-2018-6246." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@nvidia.com", + "DATE_PUBLIC": "2018-05-07T00:00:00", + "ID": "CVE-2018-6246", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "NA" + } + ] + } + } + ] + }, + "vendor_name": "Nvidia Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/pixel/2018-05-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/pixel/2018-05-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before the 2018-05-05 security patch level, NVIDIA Widevine Trustlet contains a vulnerability in Widevine TA where the software reads data past the end, or before the beginning, of the intended buffer, which may lead to Information Disclosure. This issue is rated as moderate. Android: A-69383916. Reference: N-CVE-2018-6246." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/pixel/2018-05-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/pixel/2018-05-01" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6594.json b/2018/6xxx/CVE-2018-6594.json index aa9991274a9..f4f4d434bbf 100644 --- a/2018/6xxx/CVE-2018-6594.json +++ b/2018/6xxx/CVE-2018-6594.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6594", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for PyCrypto's ElGamal implementation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6594", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180215 [SECURITY] [DLA 1283-1] python-crypto security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/02/msg00018.html" - }, - { - "name" : "https://github.com/TElgamal/attack-on-pycrypto-elgamal", - "refsource" : "MISC", - "url" : "https://github.com/TElgamal/attack-on-pycrypto-elgamal" - }, - { - "name" : "https://github.com/dlitz/pycrypto/issues/253", - "refsource" : "MISC", - "url" : "https://github.com/dlitz/pycrypto/issues/253" - }, - { - "name" : "USN-3616-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3616-1/" - }, - { - "name" : "USN-3616-2", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3616-2/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for PyCrypto's ElGamal implementation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/TElgamal/attack-on-pycrypto-elgamal", + "refsource": "MISC", + "url": "https://github.com/TElgamal/attack-on-pycrypto-elgamal" + }, + { + "name": "USN-3616-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3616-1/" + }, + { + "name": "https://github.com/dlitz/pycrypto/issues/253", + "refsource": "MISC", + "url": "https://github.com/dlitz/pycrypto/issues/253" + }, + { + "name": "[debian-lts-announce] 20180215 [SECURITY] [DLA 1283-1] python-crypto security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00018.html" + }, + { + "name": "USN-3616-2", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3616-2/" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6951.json b/2018/6xxx/CVE-2018-6951.json index 3576835540a..815c22e57ca 100644 --- a/2018/6xxx/CVE-2018-6951.json +++ b/2018/6xxx/CVE-2018-6951.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6951", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a \"mangled rename\" issue." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6951", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a", - "refsource" : "MISC", - "url" : "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a" - }, - { - "name" : "https://savannah.gnu.org/bugs/index.php?53132", - "refsource" : "MISC", - "url" : "https://savannah.gnu.org/bugs/index.php?53132" - }, - { - "name" : "USN-3624-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3624-1/" - }, - { - "name" : "103044", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103044" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a \"mangled rename\" issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3624-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3624-1/" + }, + { + "name": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a", + "refsource": "MISC", + "url": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a" + }, + { + "name": "103044", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103044" + }, + { + "name": "https://savannah.gnu.org/bugs/index.php?53132", + "refsource": "MISC", + "url": "https://savannah.gnu.org/bugs/index.php?53132" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7264.json b/2018/7xxx/CVE-2018-7264.json index db491ee532e..83c51ab9f2b 100644 --- a/2018/7xxx/CVE-2018-7264.json +++ b/2018/7xxx/CVE-2018-7264.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7264", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Pictview image processing library embedded in the ActivePDF toolkit through 2018.1.0.18321 is prone to multiple out of bounds write and sign errors, allowing a remote attacker to execute arbitrary code on vulnerable applications using the ActivePDF Toolkit to process untrusted images." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7264", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "44251", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/44251/" - }, - { - "name" : "20180227 ActivePDF Toolkit < 8.1.0 multiple RCE", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2018/Feb/74" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Pictview image processing library embedded in the ActivePDF toolkit through 2018.1.0.18321 is prone to multiple out of bounds write and sign errors, allowing a remote attacker to execute arbitrary code on vulnerable applications using the ActivePDF Toolkit to process untrusted images." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "44251", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/44251/" + }, + { + "name": "20180227 ActivePDF Toolkit < 8.1.0 multiple RCE", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2018/Feb/74" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7293.json b/2018/7xxx/CVE-2018-7293.json index 1af269fbf29..9ed481e6652 100644 --- a/2018/7xxx/CVE-2018-7293.json +++ b/2018/7xxx/CVE-2018-7293.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7293", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7293", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7365.json b/2018/7xxx/CVE-2018-7365.json index 4b5050f1a88..3406b0d8a41 100644 --- a/2018/7xxx/CVE-2018-7365.json +++ b/2018/7xxx/CVE-2018-7365.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@zte.com.cn", - "ID" : "CVE-2018-7365", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "uSmartView", - "version" : { - "version_data" : [ - { - "affected" : "<=", - "version_value" : "ZXCLOUD iRAI V5.01.05" - } - ] - } - } - ] - }, - "vendor_name" : "ZTE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted search path vulnerability, which may allow an unauthorized user to perform unauthorized operations." - } - ] - }, - "impact" : { - "cvss" : { - "attackComplexity" : "HIGH", - "attackVector" : "NETWORK", - "availabilityImpact" : "LOW", - "baseScore" : 5.1, - "baseSeverity" : "MEDIUM", - "confidentialityImpact" : "LOW", - "integrityImpact" : "LOW", - "privilegesRequired" : "HIGH", - "scope" : "CHANGED", - "userInteraction" : "REQUIRED", - "vectorString" : "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-426: Untrusted Search Path" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@zte.com.cn", + "ID": "CVE-2018-7365", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "uSmartView", + "version": { + "version_data": [ + { + "affected": "<=", + "version_value": "ZXCLOUD iRAI V5.01.05" + } + ] + } + } + ] + }, + "vendor_name": "ZTE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010005", - "refsource" : "CONFIRM", - "url" : "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010005" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted search path vulnerability, which may allow an unauthorized user to perform unauthorized operations." + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-426: Untrusted Search Path" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010005", + "refsource": "CONFIRM", + "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010005" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7407.json b/2018/7xxx/CVE-2018-7407.json index a793da75228..fc1468c0849 100644 --- a/2018/7xxx/CVE-2018-7407.json +++ b/2018/7xxx/CVE-2018-7407.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7407", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. This vulnerability allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when rendering U3D images inside of pdf files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this to execute code in the context of the current process." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7407", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://srcincite.io/advisories/src-2018-0018/", - "refsource" : "MISC", - "url" : "https://srcincite.io/advisories/src-2018-0018/" - }, - { - "name" : "https://www.foxitsoftware.com/support/security-bulletins.php", - "refsource" : "CONFIRM", - "url" : "https://www.foxitsoftware.com/support/security-bulletins.php" - }, - { - "name" : "104300", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104300" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. This vulnerability allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when rendering U3D images inside of pdf files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this to execute code in the context of the current process." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.foxitsoftware.com/support/security-bulletins.php", + "refsource": "CONFIRM", + "url": "https://www.foxitsoftware.com/support/security-bulletins.php" + }, + { + "name": "104300", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104300" + }, + { + "name": "https://srcincite.io/advisories/src-2018-0018/", + "refsource": "MISC", + "url": "https://srcincite.io/advisories/src-2018-0018/" + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1164.json b/2019/1xxx/CVE-2019-1164.json index 51e3830b17a..42006dbff35 100644 --- a/2019/1xxx/CVE-2019-1164.json +++ b/2019/1xxx/CVE-2019-1164.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1164", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1164", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1251.json b/2019/1xxx/CVE-2019-1251.json index dbb69713a3e..d8bd5c0c914 100644 --- a/2019/1xxx/CVE-2019-1251.json +++ b/2019/1xxx/CVE-2019-1251.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1251", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1251", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1592.json b/2019/1xxx/CVE-2019-1592.json index 308c9b33461..b6169725482 100644 --- a/2019/1xxx/CVE-2019-1592.json +++ b/2019/1xxx/CVE-2019-1592.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1592", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1592", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5143.json b/2019/5xxx/CVE-2019-5143.json index 72547866885..e7d36803a14 100644 --- a/2019/5xxx/CVE-2019-5143.json +++ b/2019/5xxx/CVE-2019-5143.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5143", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5143", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5274.json b/2019/5xxx/CVE-2019-5274.json index f9d75dd432f..1d5bd705eaa 100644 --- a/2019/5xxx/CVE-2019-5274.json +++ b/2019/5xxx/CVE-2019-5274.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5274", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5274", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5276.json b/2019/5xxx/CVE-2019-5276.json index 423fdbe74f3..0d7d909dfff 100644 --- a/2019/5xxx/CVE-2019-5276.json +++ b/2019/5xxx/CVE-2019-5276.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5276", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5276", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5815.json b/2019/5xxx/CVE-2019-5815.json index 53d50e4449e..cf012be9975 100644 --- a/2019/5xxx/CVE-2019-5815.json +++ b/2019/5xxx/CVE-2019-5815.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5815", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5815", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file