diff --git a/1999/0xxx/CVE-1999-0263.json b/1999/0xxx/CVE-1999-0263.json index 8449f96b80a..997b81c1575 100644 --- a/1999/0xxx/CVE-1999-0263.json +++ b/1999/0xxx/CVE-1999-0263.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0263", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Solaris SUNWadmap can be exploited to obtain root access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0263", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "00173", - "refsource" : "SUN", - "url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/173" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Solaris SUNWadmap can be exploited to obtain root access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "00173", + "refsource": "SUN", + "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/173" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2314.json b/2005/2xxx/CVE-2005-2314.json index a0ebd28107e..134e540198f 100644 --- a/2005/2xxx/CVE-2005-2314.json +++ b/2005/2xxx/CVE-2005-2314.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2314", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "inc.login.php in PHPsFTPd 0.2 through 0.4 allows remote attackers to obtain the administrator's username and password by setting the do_login parameter and performing an edit action using user.php, which causes the login check to be bypassed and leaks the password in the response." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2314", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050713 PHPsFTPd - Admin password leak", - "refsource" : "BUGTRAQ", - "url" : "http://cert.uni-stuttgart.de/archive/bugtraq/2005/07/msg00209.html" - }, - { - "name" : "http://packetstorm.linuxsecurity.com/0507-exploits/phpsftpd.txt", - "refsource" : "MISC", - "url" : "http://packetstorm.linuxsecurity.com/0507-exploits/phpsftpd.txt" - }, - { - "name" : "14222", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14222" - }, - { - "name" : "ADV-2005-1101", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/1101" - }, - { - "name" : "1014481", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014481" - }, - { - "name" : "15879", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15879" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "inc.login.php in PHPsFTPd 0.2 through 0.4 allows remote attackers to obtain the administrator's username and password by setting the do_login parameter and performing an edit action using user.php, which causes the login check to be bypassed and leaks the password in the response." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20050713 PHPsFTPd - Admin password leak", + "refsource": "BUGTRAQ", + "url": "http://cert.uni-stuttgart.de/archive/bugtraq/2005/07/msg00209.html" + }, + { + "name": "ADV-2005-1101", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/1101" + }, + { + "name": "14222", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14222" + }, + { + "name": "http://packetstorm.linuxsecurity.com/0507-exploits/phpsftpd.txt", + "refsource": "MISC", + "url": "http://packetstorm.linuxsecurity.com/0507-exploits/phpsftpd.txt" + }, + { + "name": "15879", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15879" + }, + { + "name": "1014481", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014481" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2636.json b/2005/2xxx/CVE-2005-2636.json index 37890bcd1c9..22bc6c95f31 100644 --- a/2005/2xxx/CVE-2005-2636.json +++ b/2005/2xxx/CVE-2005-2636.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2636", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in lib-view-direct.inc.php in phpAdsNew and phpPgAds before 2.0.6 allows remote attackers to execute arbitrary SQL commands via the clientid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2636", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050817 [PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112431497300344&w=2" - }, - { - "name" : "14583", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14583" - }, - { - "name" : "14588", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14588" - }, - { - "name" : "16469", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16469/" - }, - { - "name" : "phppgads-libviewdirect-sql-injection(21879)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21879" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in lib-view-direct.inc.php in phpAdsNew and phpPgAds before 2.0.6 allows remote attackers to execute arbitrary SQL commands via the clientid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "16469", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16469/" + }, + { + "name": "20050817 [PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112431497300344&w=2" + }, + { + "name": "14588", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14588" + }, + { + "name": "14583", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14583" + }, + { + "name": "phppgads-libviewdirect-sql-injection(21879)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21879" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1014.json b/2007/1xxx/CVE-2007-1014.json index 6221124c387..9a600be1e49 100644 --- a/2007/1xxx/CVE-2007-1014.json +++ b/2007/1xxx/CVE-2007-1014.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1014", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in VicFTPS before 5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long CWD command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1014", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3331", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3331" - }, - { - "name" : "http://vicftps.50webs.com/", - "refsource" : "CONFIRM", - "url" : "http://vicftps.50webs.com/" - }, - { - "name" : "22608", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22608" - }, - { - "name" : "ADV-2007-0648", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0648" - }, - { - "name" : "33227", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33227" - }, - { - "name" : "24161", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24161" - }, - { - "name" : "vicftps-cwd-bo(32557)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32557" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in VicFTPS before 5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long CWD command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22608", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22608" + }, + { + "name": "ADV-2007-0648", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0648" + }, + { + "name": "33227", + "refsource": "OSVDB", + "url": "http://osvdb.org/33227" + }, + { + "name": "http://vicftps.50webs.com/", + "refsource": "CONFIRM", + "url": "http://vicftps.50webs.com/" + }, + { + "name": "3331", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3331" + }, + { + "name": "24161", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24161" + }, + { + "name": "vicftps-cwd-bo(32557)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32557" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1545.json b/2007/1xxx/CVE-2007-1545.json index 8147696b715..a6d3191108d 100644 --- a/2007/1xxx/CVE-2007-1545.json +++ b/2007/1xxx/CVE-2007-1545.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1545", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1545", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070403 FLEA-2007-0007-1: nas", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464606/30/7230/threaded" - }, - { - "name" : "http://aluigi.altervista.org/adv/nasbugs-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/nasbugs-adv.txt" - }, - { - "name" : "http://www.radscan.com/nas/HISTORY", - "refsource" : "CONFIRM", - "url" : "http://www.radscan.com/nas/HISTORY" - }, - { - "name" : "DSA-1273", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1273" - }, - { - "name" : "GLSA-200704-20", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200704-20.xml" - }, - { - "name" : "MDKSA-2007:065", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065" - }, - { - "name" : "USN-446-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-446-1" - }, - { - "name" : "23017", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23017" - }, - { - "name" : "ADV-2007-0997", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0997" - }, - { - "name" : "1017822", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017822" - }, - { - "name" : "24527", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24527" - }, - { - "name" : "24601", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24601" - }, - { - "name" : "24628", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24628" - }, - { - "name" : "24638", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24638" - }, - { - "name" : "24980", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24980" - }, - { - "name" : "nas-addresource-dos(33050)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33050" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDKSA-2007:065", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065" + }, + { + "name": "1017822", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017822" + }, + { + "name": "24980", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24980" + }, + { + "name": "24527", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24527" + }, + { + "name": "23017", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23017" + }, + { + "name": "24601", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24601" + }, + { + "name": "USN-446-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-446-1" + }, + { + "name": "24628", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24628" + }, + { + "name": "GLSA-200704-20", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200704-20.xml" + }, + { + "name": "ADV-2007-0997", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0997" + }, + { + "name": "nas-addresource-dos(33050)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33050" + }, + { + "name": "20070403 FLEA-2007-0007-1: nas", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded" + }, + { + "name": "24638", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24638" + }, + { + "name": "http://aluigi.altervista.org/adv/nasbugs-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt" + }, + { + "name": "DSA-1273", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1273" + }, + { + "name": "http://www.radscan.com/nas/HISTORY", + "refsource": "CONFIRM", + "url": "http://www.radscan.com/nas/HISTORY" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1596.json b/2007/1xxx/CVE-2007-1596.json index 2ecb579666e..2b156042501 100644 --- a/2007/1xxx/CVE-2007-1596.json +++ b/2007/1xxx/CVE-2007-1596.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1596", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in the NFN Address Book (com_nfn_addressbook) 0.4 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) components/com_nfn_addressbook/nfnaddressbook.php or (2) administrator/components/com_nfn_addressbook/nfnaddressbook.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1596", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3539", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3539" - }, - { - "name" : "23092", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23092" - }, - { - "name" : "ADV-2007-1073", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1073" - }, - { - "name" : "43553", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43553" - }, - { - "name" : "43554", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43554" - }, - { - "name" : "nfnaddressbook-nfnaddressbook-file-include(33133)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33133" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in the NFN Address Book (com_nfn_addressbook) 0.4 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) components/com_nfn_addressbook/nfnaddressbook.php or (2) administrator/components/com_nfn_addressbook/nfnaddressbook.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43554", + "refsource": "OSVDB", + "url": "http://osvdb.org/43554" + }, + { + "name": "ADV-2007-1073", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1073" + }, + { + "name": "nfnaddressbook-nfnaddressbook-file-include(33133)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33133" + }, + { + "name": "43553", + "refsource": "OSVDB", + "url": "http://osvdb.org/43553" + }, + { + "name": "23092", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23092" + }, + { + "name": "3539", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3539" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1893.json b/2007/1xxx/CVE-2007-1893.json index d6698147c3c..293db8faab7 100644 --- a/2007/1xxx/CVE-2007-1893.json +++ b/2007/1xxx/CVE-2007-1893.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1893", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users with the contributor role to bypass intended access restrictions and invoke the publish_posts functionality, which can be used to \"publish a previously saved post.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1893", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.notsosecure.com/folder2/2007/04/03/wordpress-212-xmlrpc-security-issues/", - "refsource" : "MISC", - "url" : "http://www.notsosecure.com/folder2/2007/04/03/wordpress-212-xmlrpc-security-issues/" - }, - { - "name" : "http://trac.wordpress.org/ticket/4091", - "refsource" : "CONFIRM", - "url" : "http://trac.wordpress.org/ticket/4091" - }, - { - "name" : "DSA-1285", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1285" - }, - { - "name" : "ADV-2007-1245", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1245" - }, - { - "name" : "24751", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24751" - }, - { - "name" : "25108", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25108" - }, - { - "name" : "wordpress-xmlrpc-security-bypass(33470)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33470" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users with the contributor role to bypass intended access restrictions and invoke the publish_posts functionality, which can be used to \"publish a previously saved post.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1245", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1245" + }, + { + "name": "25108", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25108" + }, + { + "name": "wordpress-xmlrpc-security-bypass(33470)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33470" + }, + { + "name": "http://trac.wordpress.org/ticket/4091", + "refsource": "CONFIRM", + "url": "http://trac.wordpress.org/ticket/4091" + }, + { + "name": "http://www.notsosecure.com/folder2/2007/04/03/wordpress-212-xmlrpc-security-issues/", + "refsource": "MISC", + "url": "http://www.notsosecure.com/folder2/2007/04/03/wordpress-212-xmlrpc-security-issues/" + }, + { + "name": "24751", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24751" + }, + { + "name": "DSA-1285", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1285" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5009.json b/2007/5xxx/CVE-2007-5009.json index fa8e29fe848..b84b10b0da2 100644 --- a/2007/5xxx/CVE-2007-5009.json +++ b/2007/5xxx/CVE-2007-5009.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5009", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in language/lang_german/lang_main_album.php in phpBB Plus 1.53, and 1.53a before 20070922, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5009", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070919 PHPBBPLUS 1.5.3 RFI BUG", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=119022976831594&w=2" - }, - { - "name" : "4434", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4434" - }, - { - "name" : "http://www.phpbb2.de/ftopic45218.html", - "refsource" : "CONFIRM", - "url" : "http://www.phpbb2.de/ftopic45218.html" - }, - { - "name" : "25737", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25737" - }, - { - "name" : "ADV-2007-3247", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3247" - }, - { - "name" : "38265", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38265" - }, - { - "name" : "26888", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26888" - }, - { - "name" : "phpbbplus-langmainalbum-file-include(36697)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36697" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in language/lang_german/lang_main_album.php in phpBB Plus 1.53, and 1.53a before 20070922, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26888", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26888" + }, + { + "name": "ADV-2007-3247", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3247" + }, + { + "name": "phpbbplus-langmainalbum-file-include(36697)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36697" + }, + { + "name": "4434", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4434" + }, + { + "name": "38265", + "refsource": "OSVDB", + "url": "http://osvdb.org/38265" + }, + { + "name": "http://www.phpbb2.de/ftopic45218.html", + "refsource": "CONFIRM", + "url": "http://www.phpbb2.de/ftopic45218.html" + }, + { + "name": "25737", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25737" + }, + { + "name": "20070919 PHPBBPLUS 1.5.3 RFI BUG", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=119022976831594&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5167.json b/2007/5xxx/CVE-2007-5167.json index 0ee05db2f5f..806c2e364bf 100644 --- a/2007/5xxx/CVE-2007-5167.json +++ b/2007/5xxx/CVE-2007-5167.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5167", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in .systeme/fonctions.php in phpLister 0.5-pre2 allows remote attackers to execute arbitrary PHP code via a URL in the nom_rep_systeme parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5167", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://arfis.wordpress.com/2007/09/14/rfi-02-phplister/", - "refsource" : "MISC", - "url" : "http://arfis.wordpress.com/2007/09/14/rfi-02-phplister/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in .systeme/fonctions.php in phpLister 0.5-pre2 allows remote attackers to execute arbitrary PHP code via a URL in the nom_rep_systeme parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://arfis.wordpress.com/2007/09/14/rfi-02-phplister/", + "refsource": "MISC", + "url": "http://arfis.wordpress.com/2007/09/14/rfi-02-phplister/" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5277.json b/2007/5xxx/CVE-2007-5277.json index d1aac2e7b13..6e1d209a903 100644 --- a/2007/5xxx/CVE-2007-5277.json +++ b/2007/5xxx/CVE-2007-5277.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5277", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 6 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port 81 URL in an IMG SRC, when the DNS pin had been established for a session on port 80, a different issue than CVE-2006-4560." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5277", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://crypto.stanford.edu/dns/dns-rebinding.pdf", - "refsource" : "MISC", - "url" : "http://crypto.stanford.edu/dns/dns-rebinding.pdf" - }, - { - "name" : "45525", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45525" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 6 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port 81 URL in an IMG SRC, when the DNS pin had been established for a session on port 80, a different issue than CVE-2006-4560." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "45525", + "refsource": "OSVDB", + "url": "http://osvdb.org/45525" + }, + { + "name": "http://crypto.stanford.edu/dns/dns-rebinding.pdf", + "refsource": "MISC", + "url": "http://crypto.stanford.edu/dns/dns-rebinding.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5655.json b/2007/5xxx/CVE-2007-5655.json index 840acf7004a..58ddc92b284 100644 --- a/2007/5xxx/CVE-2007-5655.json +++ b/2007/5xxx/CVE-2007-5655.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5655", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5655", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080115 TIBCO SmartSockets RTServer Multiple Untrusted Pointer Vulnerabilities", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=639" - }, - { - "name" : "http://www.tibco.com/mk/advisory.jsp", - "refsource" : "CONFIRM", - "url" : "http://www.tibco.com/mk/advisory.jsp" - }, - { - "name" : "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt", - "refsource" : "CONFIRM", - "url" : "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt" - }, - { - "name" : "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt", - "refsource" : "CONFIRM", - "url" : "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt" - }, - { - "name" : "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt", - "refsource" : "CONFIRM", - "url" : "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt" - }, - { - "name" : "27292", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27292" - }, - { - "name" : "ADV-2008-0173", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0173" - }, - { - "name" : "1019193", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019193" - }, - { - "name" : "28490", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28490" - }, - { - "name" : "tibco-rtserver-pointer-code-execution(39705)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39705" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt", + "refsource": "CONFIRM", + "url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt" + }, + { + "name": "20080115 TIBCO SmartSockets RTServer Multiple Untrusted Pointer Vulnerabilities", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=639" + }, + { + "name": "28490", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28490" + }, + { + "name": "27292", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27292" + }, + { + "name": "1019193", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019193" + }, + { + "name": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt", + "refsource": "CONFIRM", + "url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt" + }, + { + "name": "tibco-rtserver-pointer-code-execution(39705)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39705" + }, + { + "name": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt", + "refsource": "CONFIRM", + "url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt" + }, + { + "name": "http://www.tibco.com/mk/advisory.jsp", + "refsource": "CONFIRM", + "url": "http://www.tibco.com/mk/advisory.jsp" + }, + { + "name": "ADV-2008-0173", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0173" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5945.json b/2007/5xxx/CVE-2007-5945.json index a26f291e765..01815a49707 100644 --- a/2007/5xxx/CVE-2007-5945.json +++ b/2007/5xxx/CVE-2007-5945.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5945", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "USVN before 0.6.5 allows remote attackers to obtain a list of repository contents via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5945", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://forum.usvn.info/viewtopic.php?f=4&t=320", - "refsource" : "CONFIRM", - "url" : "http://forum.usvn.info/viewtopic.php?f=4&t=320" - }, - { - "name" : "http://www.usvn.info/news/", - "refsource" : "CONFIRM", - "url" : "http://www.usvn.info/news/" - }, - { - "name" : "26384", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26384" - }, - { - "name" : "39862", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39862" - }, - { - "name" : "27521", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27521" - }, - { - "name" : "usvn-subversion-information-disclosure(38365)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38365" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "USVN before 0.6.5 allows remote attackers to obtain a list of repository contents via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "usvn-subversion-information-disclosure(38365)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38365" + }, + { + "name": "http://forum.usvn.info/viewtopic.php?f=4&t=320", + "refsource": "CONFIRM", + "url": "http://forum.usvn.info/viewtopic.php?f=4&t=320" + }, + { + "name": "39862", + "refsource": "OSVDB", + "url": "http://osvdb.org/39862" + }, + { + "name": "http://www.usvn.info/news/", + "refsource": "CONFIRM", + "url": "http://www.usvn.info/news/" + }, + { + "name": "26384", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26384" + }, + { + "name": "27521", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27521" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2816.json b/2009/2xxx/CVE-2009-2816.json index 166a9c6f91e..b4ea96ceb76 100644 --- a/2009/2xxx/CVE-2009-2816.json +++ b/2009/2xxx/CVE-2009-2816.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2816", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2816", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT3949", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3949" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=525789", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=525789" - }, - { - "name" : "http://support.apple.com/kb/HT4225", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4225" - }, - { - "name" : "APPLE-SA-2009-11-11-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html" - }, - { - "name" : "APPLE-SA-2010-06-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" - }, - { - "name" : "FEDORA-2009-11487", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00545.html" - }, - { - "name" : "FEDORA-2009-11491", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00549.html" - }, - { - "name" : "SUSE-SR:2011:002", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" - }, - { - "name" : "36997", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36997" - }, - { - "name" : "59967", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/59967" - }, - { - "name" : "59940", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/59940" - }, - { - "name" : "oval:org.mitre.oval:def:6516", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6516" - }, - { - "name" : "1023165", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1023165" - }, - { - "name" : "37397", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37397" - }, - { - "name" : "37346", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37346" - }, - { - "name" : "37358", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37358" - }, - { - "name" : "37393", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37393" - }, - { - "name" : "43068", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43068" - }, - { - "name" : "ADV-2009-3217", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3217" - }, - { - "name" : "ADV-2009-3233", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3233" - }, - { - "name" : "ADV-2011-0212", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0212" - }, - { - "name" : "safari-crossorigin-csrf(54239)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54239" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43068", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43068" + }, + { + "name": "ADV-2009-3233", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3233" + }, + { + "name": "APPLE-SA-2009-11-11-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html" + }, + { + "name": "ADV-2009-3217", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3217" + }, + { + "name": "ADV-2011-0212", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0212" + }, + { + "name": "http://support.apple.com/kb/HT4225", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4225" + }, + { + "name": "FEDORA-2009-11487", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00545.html" + }, + { + "name": "59967", + "refsource": "OSVDB", + "url": "http://osvdb.org/59967" + }, + { + "name": "36997", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36997" + }, + { + "name": "http://support.apple.com/kb/HT3949", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3949" + }, + { + "name": "1023165", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1023165" + }, + { + "name": "oval:org.mitre.oval:def:6516", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6516" + }, + { + "name": "SUSE-SR:2011:002", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" + }, + { + "name": "safari-crossorigin-csrf(54239)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54239" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=525789", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=525789" + }, + { + "name": "FEDORA-2009-11491", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00549.html" + }, + { + "name": "37358", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37358" + }, + { + "name": "59940", + "refsource": "OSVDB", + "url": "http://osvdb.org/59940" + }, + { + "name": "37397", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37397" + }, + { + "name": "37393", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37393" + }, + { + "name": "APPLE-SA-2010-06-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" + }, + { + "name": "37346", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37346" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0818.json b/2015/0xxx/CVE-2015-0818.json index 56d940e7c5f..0e02f5e36b8 100644 --- a/2015/0xxx/CVE-2015-0818.json +++ b/2015/0xxx/CVE-2015-0818.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0818", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and SeaMonkey before 2.33.1 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-0818", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-28.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-28.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1144988", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1144988" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" - }, - { - "name" : "DSA-3201", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3201" - }, - { - "name" : "GLSA-201504-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-01" - }, - { - "name" : "RHSA-2015:0718", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0718.html" - }, - { - "name" : "openSUSE-SU-2015:0567", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.html" - }, - { - "name" : "SUSE-SU-2015:0593", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00029.html" - }, - { - "name" : "SUSE-SU-2015:0630", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00035.html" - }, - { - "name" : "openSUSE-SU-2015:0636", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-03/msg00096.html" - }, - { - "name" : "USN-2538-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2538-1" - }, - { - "name" : "73265", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73265" - }, - { - "name" : "1031959", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031959" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and SeaMonkey before 2.33.1 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:0636", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00096.html" + }, + { + "name": "openSUSE-SU-2015:0567", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00026.html" + }, + { + "name": "GLSA-201504-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-01" + }, + { + "name": "73265", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73265" + }, + { + "name": "RHSA-2015:0718", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0718.html" + }, + { + "name": "DSA-3201", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3201" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-28.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-28.html" + }, + { + "name": "SUSE-SU-2015:0630", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00035.html" + }, + { + "name": "1031959", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031959" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1144988", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1144988" + }, + { + "name": "SUSE-SU-2015:0593", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00029.html" + }, + { + "name": "USN-2538-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2538-1" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3406.json b/2015/3xxx/CVE-2015-3406.json index 716ee51a353..124afebad48 100644 --- a/2015/3xxx/CVE-2015-3406.json +++ b/2015/3xxx/CVE-2015-3406.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3406", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3406", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3973.json b/2015/3xxx/CVE-2015-3973.json index 7757ad36fcd..ab9faf46701 100644 --- a/2015/3xxx/CVE-2015-3973.json +++ b/2015/3xxx/CVE-2015-3973.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3973", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Janitza UMG 508, 509, 511, 604, and 605 devices improperly generate session tokens, which makes it easier for remote attackers to determine a PIN value via unspecified computations on session-token values." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-3973", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-265-03", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-265-03" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Janitza UMG 508, 509, 511, 604, and 605 devices improperly generate session tokens, which makes it easier for remote attackers to determine a PIN value via unspecified computations on session-token values." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-265-03", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-265-03" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4128.json b/2015/4xxx/CVE-2015-4128.json index f5fcc040645..4bb13970fc0 100644 --- a/2015/4xxx/CVE-2015-4128.json +++ b/2015/4xxx/CVE-2015-4128.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4128", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4128", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4229.json b/2015/4xxx/CVE-2015-4229.json index eb55a73ee55..2768792a141 100644 --- a/2015/4xxx/CVE-2015-4229.json +++ b/2015/4xxx/CVE-2015-4229.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4229", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web framework in Cisco Unified Communications Domain Manager 8.1(4)ER1 allows remote attackers to obtain sensitive information by visiting a bvsmweb URL, aka Bug ID CSCuq22589." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-4229", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150629 Cisco Unified Communications Domain Manager Information Disclosure Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=39557" - }, - { - "name" : "75473", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75473" - }, - { - "name" : "1032749", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032749" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web framework in Cisco Unified Communications Domain Manager 8.1(4)ER1 allows remote attackers to obtain sensitive information by visiting a bvsmweb URL, aka Bug ID CSCuq22589." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032749", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032749" + }, + { + "name": "75473", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75473" + }, + { + "name": "20150629 Cisco Unified Communications Domain Manager Information Disclosure Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39557" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4645.json b/2015/4xxx/CVE-2015-4645.json index 81de98b2872..bd3b2c5aba0 100644 --- a/2015/4xxx/CVE-2015-4645.json +++ b/2015/4xxx/CVE-2015-4645.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4645", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4645", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/devttys0/sasquatch/pull/5", - "refsource" : "MISC", - "url" : "https://github.com/devttys0/sasquatch/pull/5" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1234886", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1234886" - }, - { - "name" : "FEDORA-2015-10750", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162171.html" - }, - { - "name" : "FEDORA-2015-10760", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162226.html" - }, - { - "name" : "GLSA-201701-73", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-73" - }, - { - "name" : "75272", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75272" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2015-10750", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162171.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1234886", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1234886" + }, + { + "name": "https://github.com/devttys0/sasquatch/pull/5", + "refsource": "MISC", + "url": "https://github.com/devttys0/sasquatch/pull/5" + }, + { + "name": "FEDORA-2015-10760", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162226.html" + }, + { + "name": "75272", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75272" + }, + { + "name": "GLSA-201701-73", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-73" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8137.json b/2015/8xxx/CVE-2015-8137.json index 9afe473f596..8fa185f0987 100644 --- a/2015/8xxx/CVE-2015-8137.json +++ b/2015/8xxx/CVE-2015-8137.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8137", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8137", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8485.json b/2015/8xxx/CVE-2015-8485.json index 965e53abdad..8aaf93c8ffc 100644 --- a/2015/8xxx/CVE-2015-8485.json +++ b/2015/8xxx/CVE-2015-8485.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8485", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary posting titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8486, and CVE-2016-1152." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-8485", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://cs.cybozu.co.jp/2015/006077.html", - "refsource" : "CONFIRM", - "url" : "https://cs.cybozu.co.jp/2015/006077.html" - }, - { - "name" : "JVN#48720230", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN48720230/index.html" - }, - { - "name" : "JVNDB-2016-000023", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000023" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary posting titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8486, and CVE-2016-1152." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000023", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000023" + }, + { + "name": "https://cs.cybozu.co.jp/2015/006077.html", + "refsource": "CONFIRM", + "url": "https://cs.cybozu.co.jp/2015/006077.html" + }, + { + "name": "JVN#48720230", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN48720230/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8625.json b/2015/8xxx/CVE-2015-8625.json index 7630296d23f..90242d0b958 100644 --- a/2015/8xxx/CVE-2015-8625.json +++ b/2015/8xxx/CVE-2015-8625.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8625", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 do not properly sanitize parameters when calling the cURL library, which allows remote attackers to read arbitrary files via an @ (at sign) character in unspecified POST array parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8625", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[MediaWiki-announce] 20151221 [MediaWiki-announce] Security Release: 1.26.1, 1.25.4, 1.24.5 and 1.23.12", - "refsource" : "MLIST", - "url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html" - }, - { - "name" : "[oss-security] 20151221 CVE requests for MediaWiki 1.26.1, 1.25.4, 1.24.5 and 1.23.12", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/12/21/8" - }, - { - "name" : "[oss-security] 20151223 Re: CVE requests for MediaWiki 1.26.1, 1.25.4, 1.24.5 and 1.23.12", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/12/23/7" - }, - { - "name" : "https://phabricator.wikimedia.org/T118032", - "refsource" : "CONFIRM", - "url" : "https://phabricator.wikimedia.org/T118032" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 do not properly sanitize parameters when calling the cURL library, which allows remote attackers to read arbitrary files via an @ (at sign) character in unspecified POST array parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[MediaWiki-announce] 20151221 [MediaWiki-announce] Security Release: 1.26.1, 1.25.4, 1.24.5 and 1.23.12", + "refsource": "MLIST", + "url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html" + }, + { + "name": "[oss-security] 20151223 Re: CVE requests for MediaWiki 1.26.1, 1.25.4, 1.24.5 and 1.23.12", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/12/23/7" + }, + { + "name": "https://phabricator.wikimedia.org/T118032", + "refsource": "CONFIRM", + "url": "https://phabricator.wikimedia.org/T118032" + }, + { + "name": "[oss-security] 20151221 CVE requests for MediaWiki 1.26.1, 1.25.4, 1.24.5 and 1.23.12", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/12/21/8" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8699.json b/2015/8xxx/CVE-2015-8699.json index 29da87ffb49..ffb34021120 100644 --- a/2015/8xxx/CVE-2015-8699.json +++ b/2015/8xxx/CVE-2015-8699.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8699", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8699", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160627-01-security-notice-for-release-automation.aspx", - "refsource" : "CONFIRM", - "url" : "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160627-01-security-notice-for-release-automation.aspx" - }, - { - "name" : "91497", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91497" - }, - { - "name" : "1036193", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036193" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036193", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036193" + }, + { + "name": "91497", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91497" + }, + { + "name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160627-01-security-notice-for-release-automation.aspx", + "refsource": "CONFIRM", + "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160627-01-security-notice-for-release-automation.aspx" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8979.json b/2015/8xxx/CVE-2015-8979.json index 0dacbf6ae01..e3ba6f60dce 100644 --- a/2015/8xxx/CVE-2015-8979.json +++ b/2015/8xxx/CVE-2015-8979.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8979", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the parsePresentationContext function in storescp in DICOM dcmtk-3.6.0 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a long string sent to TCP port 4242." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8979", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161217 Re: CVE request - DCMTK remote stack buffer overflow", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/12/18/2" - }, - { - "name" : "http://packetstormsecurity.com/files/140191/DCMTK-storescp-DICOM-storage-C-STORE-SCP-Remote-Stack-Buffer-Overflow.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/140191/DCMTK-storescp-DICOM-storage-C-STORE-SCP-Remote-Stack-Buffer-Overflow.html" - }, - { - "name" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5384.php", - "refsource" : "MISC", - "url" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5384.php" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1405919", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1405919" - }, - { - "name" : "DSA-3749", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3749" - }, - { - "name" : "94951", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94951" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the parsePresentationContext function in storescp in DICOM dcmtk-3.6.0 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a long string sent to TCP port 4242." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/140191/DCMTK-storescp-DICOM-storage-C-STORE-SCP-Remote-Stack-Buffer-Overflow.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/140191/DCMTK-storescp-DICOM-storage-C-STORE-SCP-Remote-Stack-Buffer-Overflow.html" + }, + { + "name": "94951", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94951" + }, + { + "name": "DSA-3749", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3749" + }, + { + "name": "[oss-security] 20161217 Re: CVE request - DCMTK remote stack buffer overflow", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/12/18/2" + }, + { + "name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5384.php", + "refsource": "MISC", + "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5384.php" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1405919", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1405919" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1307.json b/2016/1xxx/CVE-2016-1307.json index 2928b6c7453..b39d5f06dcb 100644 --- a/2016/1xxx/CVE-2016-1307.json +++ b/2016/1xxx/CVE-2016-1307.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1307", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and Unified Contact Center Express 10.6(1) has a hardcoded account, which makes it easier for remote attackers to obtain access via an XMPP session, aka Bug ID CSCuw79085." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1307", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160202 Cisco Finesse Desktop and Cisco Unified Contact Center Express Applications XMPP Unauthorized Access Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-fducce" - }, - { - "name" : "1034920", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034920" - }, - { - "name" : "1034921", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034921" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and Unified Contact Center Express 10.6(1) has a hardcoded account, which makes it easier for remote attackers to obtain access via an XMPP session, aka Bug ID CSCuw79085." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160202 Cisco Finesse Desktop and Cisco Unified Contact Center Express Applications XMPP Unauthorized Access Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-fducce" + }, + { + "name": "1034921", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034921" + }, + { + "name": "1034920", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034920" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1435.json b/2016/1xxx/CVE-2016-1435.json index e768ab2bec3..f6b25cab72a 100644 --- a/2016/1xxx/CVE-2016-1435.json +++ b/2016/1xxx/CVE-2016-1435.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1435", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco 8800 phones with software 11.0(1) do not properly enforce mounted-filesystem permissions, which allows local users to write to arbitrary files by leveraging shell access, aka Bug ID CSCuz03014." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1435", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160620 Cisco 8800 Series IP Phone Filesystem Permission Enforcement Unauthorized Access Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ipp" - }, - { - "name" : "1036138", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036138" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco 8800 phones with software 11.0(1) do not properly enforce mounted-filesystem permissions, which allows local users to write to arbitrary files by leveraging shell access, aka Bug ID CSCuz03014." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036138", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036138" + }, + { + "name": "20160620 Cisco 8800 Series IP Phone Filesystem Permission Enforcement Unauthorized Access Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160620-ipp" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5310.json b/2016/5xxx/CVE-2016-5310.json index 23dd36df261..c253c297639 100644 --- a/2016/5xxx/CVE-2016-5310.json +++ b/2016/5xxx/CVE-2016-5310.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5310", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@symantec.com", + "ID": "CVE-2016-5310", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40405", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40405/" - }, - { - "name" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=867", - "refsource" : "MISC", - "url" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=867" - }, - { - "name" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160919_00", - "refsource" : "CONFIRM", - "url" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160919_00" - }, - { - "name" : "92866", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92866" - }, - { - "name" : "1036847", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036847" - }, - { - "name" : "1036848", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036848" - }, - { - "name" : "1036849", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036849" - }, - { - "name" : "1036850", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036850" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160919_00", + "refsource": "CONFIRM", + "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160919_00" + }, + { + "name": "1036848", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036848" + }, + { + "name": "40405", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40405/" + }, + { + "name": "92866", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92866" + }, + { + "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=867", + "refsource": "MISC", + "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=867" + }, + { + "name": "1036849", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036849" + }, + { + "name": "1036847", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036847" + }, + { + "name": "1036850", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036850" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2052.json b/2018/2xxx/CVE-2018-2052.json index 9b20d3238a2..763a7445a30 100644 --- a/2018/2xxx/CVE-2018-2052.json +++ b/2018/2xxx/CVE-2018-2052.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2052", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2052", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2333.json b/2018/2xxx/CVE-2018-2333.json index 30112f8d120..cf64161a198 100644 --- a/2018/2xxx/CVE-2018-2333.json +++ b/2018/2xxx/CVE-2018-2333.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2333", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2333", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2901.json b/2018/2xxx/CVE-2018-2901.json index f158ce8bddd..66255565d36 100644 --- a/2018/2xxx/CVE-2018-2901.json +++ b/2018/2xxx/CVE-2018-2901.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2901", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Solaris Operating System", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "10" - }, - { - "version_affected" : "=", - "version_value" : "11.2" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via DHCP to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Solaris. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via DHCP to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Solaris." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2901", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Solaris Operating System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10" + }, + { + "version_affected": "=", + "version_value": "11.2" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" - }, - { - "name" : "104810", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104810" - }, - { - "name" : "1041303", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041303" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via DHCP to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Solaris. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via DHCP to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Solaris." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "104810", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104810" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" + }, + { + "name": "1041303", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041303" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6149.json b/2018/6xxx/CVE-2018-6149.json index 977065acaca..149b4b6a7ce 100644 --- a/2018/6xxx/CVE-2018-6149.json +++ b/2018/6xxx/CVE-2018-6149.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6149", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6149", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0426.json b/2019/0xxx/CVE-2019-0426.json index ed2151d5892..27b92267605 100644 --- a/2019/0xxx/CVE-2019-0426.json +++ b/2019/0xxx/CVE-2019-0426.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0426", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0426", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0481.json b/2019/0xxx/CVE-2019-0481.json index c6df773ab26..e2f31c0dafb 100644 --- a/2019/0xxx/CVE-2019-0481.json +++ b/2019/0xxx/CVE-2019-0481.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0481", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0481", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0816.json b/2019/0xxx/CVE-2019-0816.json index 656635677f8..e19e10831ad 100644 --- a/2019/0xxx/CVE-2019-0816.json +++ b/2019/0xxx/CVE-2019-0816.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0816", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0816", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1000xxx/CVE-2019-1000048.json b/2019/1000xxx/CVE-2019-1000048.json index e2294ce6d1f..95aa5c8fc89 100644 --- a/2019/1000xxx/CVE-2019-1000048.json +++ b/2019/1000xxx/CVE-2019-1000048.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1000048", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-7469. Reason: This candidate is a reservation duplicate of CVE-2013-7469. Notes: All CVE users should reference CVE-2013-7469 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-1000048", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-7469. Reason: This candidate is a reservation duplicate of CVE-2013-7469. Notes: All CVE users should reference CVE-2013-7469 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1105.json b/2019/1xxx/CVE-2019-1105.json index 5744751d3f8..00ce942c285 100644 --- a/2019/1xxx/CVE-2019-1105.json +++ b/2019/1xxx/CVE-2019-1105.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1105", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1105", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1106.json b/2019/1xxx/CVE-2019-1106.json index afbefe919fa..31588add4ef 100644 --- a/2019/1xxx/CVE-2019-1106.json +++ b/2019/1xxx/CVE-2019-1106.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1106", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1106", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1118.json b/2019/1xxx/CVE-2019-1118.json index 70ecaa81d50..2a5ff444e30 100644 --- a/2019/1xxx/CVE-2019-1118.json +++ b/2019/1xxx/CVE-2019-1118.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1118", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1118", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1637.json b/2019/1xxx/CVE-2019-1637.json index 567ebe4587e..daf95c25537 100644 --- a/2019/1xxx/CVE-2019-1637.json +++ b/2019/1xxx/CVE-2019-1637.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "DATE_PUBLIC" : "2019-01-23T16:00:00-0800", - "ID" : "CVE-2019-1637", - "STATE" : "PUBLIC", - "TITLE" : "Cisco Webex Network Recording Player Arbitrary Code Execution Vulnerabilities" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco WebEx WRF Player ", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "Cisco" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software. Successful exploitation could allow the attacker to execute arbitrary code on the affected system." - } - ] - }, - "exploit" : [ - { - "lang" : "eng", - "value" : "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " - } - ], - "impact" : { - "cvss" : { - "baseScore" : "7.8", - "vectorString" : "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H ", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-119" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2019-01-23T16:00:00-0800", + "ID": "CVE-2019-1637", + "STATE": "PUBLIC", + "TITLE": "Cisco Webex Network Recording Player Arbitrary Code Execution Vulnerabilities" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco WebEx WRF Player ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20190123 Cisco Webex Network Recording Player Arbitrary Code Execution Vulnerabilities", - "refsource" : "CISCO", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-webex-rce" - }, - { - "name" : "106704", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106704" - } - ] - }, - "source" : { - "advisory" : "cisco-sa-20190123-webex-rce", - "defect" : [ - [ - "CSCvm65148", - "CSCvm65207", - "CSCvm65741", - "CSCvm65747", - "CSCvm65794", - "CSCvm65798", - "CSCvm86137", - "CSCvm86143", - "CSCvm86148", - "CSCvm86157", - "CSCvm86160", - "CSCvm86165" - ] - ], - "discovery" : "INTERNAL" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software. Successful exploitation could allow the attacker to execute arbitrary code on the affected system." + } + ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "7.8", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-119" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20190123 Cisco Webex Network Recording Player Arbitrary Code Execution Vulnerabilities", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-webex-rce" + }, + { + "name": "106704", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106704" + } + ] + }, + "source": { + "advisory": "cisco-sa-20190123-webex-rce", + "defect": [ + [ + "CSCvm65148", + "CSCvm65207", + "CSCvm65741", + "CSCvm65747", + "CSCvm65794", + "CSCvm65798", + "CSCvm86137", + "CSCvm86143", + "CSCvm86148", + "CSCvm86157", + "CSCvm86160", + "CSCvm86165" + ] + ], + "discovery": "INTERNAL" + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1989.json b/2019/1xxx/CVE-2019-1989.json index 77044513d6e..68b6e9508c0 100644 --- a/2019/1xxx/CVE-2019-1989.json +++ b/2019/1xxx/CVE-2019-1989.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1989", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1989", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4214.json b/2019/4xxx/CVE-2019-4214.json index 67ee692f83e..cae0932dd13 100644 --- a/2019/4xxx/CVE-2019-4214.json +++ b/2019/4xxx/CVE-2019-4214.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4214", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4214", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4834.json b/2019/4xxx/CVE-2019-4834.json index 3ab0e07d0b4..2c527621ce8 100644 --- a/2019/4xxx/CVE-2019-4834.json +++ b/2019/4xxx/CVE-2019-4834.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4834", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4834", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5001.json b/2019/5xxx/CVE-2019-5001.json index c404c850ddc..901caf77f87 100644 --- a/2019/5xxx/CVE-2019-5001.json +++ b/2019/5xxx/CVE-2019-5001.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5001", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5001", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5019.json b/2019/5xxx/CVE-2019-5019.json index 53111230218..72e01dac5c9 100644 --- a/2019/5xxx/CVE-2019-5019.json +++ b/2019/5xxx/CVE-2019-5019.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "talos-cna@cisco.com", - "DATE_PUBLIC" : "2019-02-28T00:00:00", - "ID" : "CVE-2019-5019", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Antenna House", - "version" : { - "version_data" : [ - { - "version_value" : "Antenna House Rainbow PDF Office Server Document Converter v7.0 Pro R1 for Linux64 (7,0,2018,1113)" - } - ] - } - } - ] - }, - "vendor_name" : "Talos" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A heap overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 (7,0,2018,1113). While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking the correlation between size and the number of properties in PropertySet packets, causing an out-of-bounds write that leads to heap corruption and consequent code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "heap overflow" - } + "CVE_data_meta": { + "ASSIGNER": "talos-cna@cisco.com", + "DATE_PUBLIC": "2019-02-28T00:00:00", + "ID": "CVE-2019-5019", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Antenna House", + "version": { + "version_data": [ + { + "version_value": "Antenna House Rainbow PDF Office Server Document Converter v7.0 Pro R1 for Linux64 (7,0,2018,1113)" + } + ] + } + } + ] + }, + "vendor_name": "Talos" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0780", - "refsource" : "MISC", - "url" : "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0780" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A heap overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 (7,0,2018,1113). While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking the correlation between size and the number of properties in PropertySet packets, causing an out-of-bounds write that leads to heap corruption and consequent code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "heap overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0780", + "refsource": "MISC", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0780" + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5101.json b/2019/5xxx/CVE-2019-5101.json index 2795a6fdc06..d5b83804d7f 100644 --- a/2019/5xxx/CVE-2019-5101.json +++ b/2019/5xxx/CVE-2019-5101.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5101", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5101", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5528.json b/2019/5xxx/CVE-2019-5528.json index af11b9e0221..e8562e1da8c 100644 --- a/2019/5xxx/CVE-2019-5528.json +++ b/2019/5xxx/CVE-2019-5528.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5528", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5528", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file