From 372e3bc96531cfdefbb41cbf47c291e4841d9f0e Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 06:26:01 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0104.json | 130 +++--- 1999/0xxx/CVE-1999-0270.json | 160 +++---- 1999/1xxx/CVE-1999-1040.json | 140 +++--- 2007/0xxx/CVE-2007-0001.json | 180 ++++---- 2007/0xxx/CVE-2007-0173.json | 160 +++---- 2007/0xxx/CVE-2007-0202.json | 200 ++++----- 2007/0xxx/CVE-2007-0725.json | 180 ++++---- 2007/1xxx/CVE-2007-1153.json | 130 +++--- 2007/1xxx/CVE-2007-1192.json | 150 +++---- 2007/1xxx/CVE-2007-1510.json | 200 ++++----- 2007/1xxx/CVE-2007-1799.json | 230 +++++----- 2007/5xxx/CVE-2007-5010.json | 160 +++---- 2007/5xxx/CVE-2007-5455.json | 160 +++---- 2007/5xxx/CVE-2007-5828.json | 140 +++--- 2015/3xxx/CVE-2015-3159.json | 34 +- 2015/3xxx/CVE-2015-3236.json | 210 ++++----- 2015/3xxx/CVE-2015-3355.json | 160 +++---- 2015/3xxx/CVE-2015-3731.json | 210 ++++----- 2015/6xxx/CVE-2015-6346.json | 130 +++--- 2015/6xxx/CVE-2015-6639.json | 140 +++--- 2015/6xxx/CVE-2015-6701.json | 140 +++--- 2015/7xxx/CVE-2015-7211.json | 220 +++++----- 2015/7xxx/CVE-2015-7405.json | 34 +- 2015/7xxx/CVE-2015-7766.json | 160 +++---- 2015/7xxx/CVE-2015-7936.json | 130 +++--- 2015/8xxx/CVE-2015-8451.json | 210 ++++----- 2015/8xxx/CVE-2015-8462.json | 34 +- 2015/8xxx/CVE-2015-8691.json | 34 +- 2016/0xxx/CVE-2016-0238.json | 172 ++++---- 2016/0xxx/CVE-2016-0537.json | 130 +++--- 2016/1xxx/CVE-2016-1693.json | 220 +++++----- 2016/1xxx/CVE-2016-1795.json | 150 +++---- 2016/5xxx/CVE-2016-5217.json | 160 +++---- 2016/5xxx/CVE-2016-5401.json | 120 +++--- 2016/5xxx/CVE-2016-5506.json | 140 +++--- 2016/5xxx/CVE-2016-5573.json | 310 +++++++------- 2016/5xxx/CVE-2016-5891.json | 34 +- 2019/0xxx/CVE-2019-0361.json | 34 +- 2019/0xxx/CVE-2019-0613.json | 810 +++++++++++++++++------------------ 2019/0xxx/CVE-2019-0634.json | 196 ++++----- 2019/0xxx/CVE-2019-0773.json | 34 +- 2019/0xxx/CVE-2019-0974.json | 34 +- 2019/1xxx/CVE-2019-1367.json | 34 +- 2019/1xxx/CVE-2019-1454.json | 34 +- 2019/4xxx/CVE-2019-4060.json | 34 +- 2019/4xxx/CVE-2019-4084.json | 34 +- 2019/4xxx/CVE-2019-4507.json | 34 +- 2019/4xxx/CVE-2019-4809.json | 34 +- 2019/5xxx/CVE-2019-5036.json | 34 +- 2019/5xxx/CVE-2019-5509.json | 34 +- 2019/5xxx/CVE-2019-5540.json | 34 +- 2019/5xxx/CVE-2019-5823.json | 34 +- 2019/8xxx/CVE-2019-8204.json | 34 +- 2019/8xxx/CVE-2019-8294.json | 34 +- 2019/8xxx/CVE-2019-8640.json | 34 +- 2019/9xxx/CVE-2019-9540.json | 34 +- 2019/9xxx/CVE-2019-9589.json | 130 +++--- 2019/9xxx/CVE-2019-9677.json | 34 +- 2019/9xxx/CVE-2019-9781.json | 34 +- 59 files changed, 3692 insertions(+), 3692 deletions(-) diff --git a/1999/0xxx/CVE-1999-0104.json b/1999/0xxx/CVE-1999-0104.json index 2aeb752a9ac..033c578ad13 100644 --- a/1999/0xxx/CVE-1999-0104.json +++ b/1999/0xxx/CVE-1999-0104.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0104", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0104", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "80175", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/80175" - }, - { - "name" : "oval:org.mitre.oval:def:5743", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5743" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:5743", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5743" + }, + { + "name": "80175", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/80175" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0270.json b/1999/0xxx/CVE-1999-0270.json index e1a6930bad3..b4e2a4463e4 100644 --- a/1999/0xxx/CVE-1999-0270.json +++ b/1999/0xxx/CVE-1999-0270.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0270", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as \"pfdisplay\") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0270", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19980401-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/19980401-01-P" - }, - { - "name" : "I-041", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/i-041.shtml" - }, - { - "name" : "64", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/64" - }, - { - "name" : "134", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/134" - }, - { - "name" : "sgi-pfdispaly(810)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/810" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as \"pfdisplay\") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "sgi-pfdispaly(810)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/810" + }, + { + "name": "I-041", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/i-041.shtml" + }, + { + "name": "64", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/64" + }, + { + "name": "134", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/134" + }, + { + "name": "19980401-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/19980401-01-P" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1040.json b/1999/1xxx/CVE-1999-1040.json index 19c5a77d078..6782e224a76 100644 --- a/1999/1xxx/CVE-1999-1040.json +++ b/1999/1xxx/CVE-1999-1040.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1040", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allows local users to gain root access via a modified IFS environmental variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1040", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19980408 SGI O2 ipx security issue", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=89217373930054&w=2" - }, - { - "name" : "19980501-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/19980501-01-P2869" - }, - { - "name" : "I-055", - "refsource" : "CIAC", - "url" : "http://ciac.llnl.gov/ciac/bulletins/i-055.shtml" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allows local users to gain root access via a modified IFS environmental variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19980501-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/19980501-01-P2869" + }, + { + "name": "19980408 SGI O2 ipx security issue", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=89217373930054&w=2" + }, + { + "name": "I-055", + "refsource": "CIAC", + "url": "http://ciac.llnl.gov/ciac/bulletins/i-055.shtml" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0001.json b/2007/0xxx/CVE-2007-0001.json index d1df2aa76f4..ef33952ffbc 100644 --- a/2007/0xxx/CVE-2007-0001.json +++ b/2007/0xxx/CVE-2007-0001.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0001", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The file watch implementation in the audit subsystem (auditctl -w) in the Red Hat Enterprise Linux (RHEL) 4 kernel 2.6.9 allows local users to cause a denial of service (kernel panic) by replacing a watched file, which does not cause the watch on the old inode to be dropped." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-0001", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=223129", - "refsource" : "MISC", - "url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=223129" - }, - { - "name" : "RHSA-2007:0085", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0085.html" - }, - { - "name" : "22737", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22737" - }, - { - "name" : "33031", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33031" - }, - { - "name" : "oval:org.mitre.oval:def:9560", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9560" - }, - { - "name" : "1017705", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017705" - }, - { - "name" : "24300", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24300" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The file watch implementation in the audit subsystem (auditctl -w) in the Red Hat Enterprise Linux (RHEL) 4 kernel 2.6.9 allows local users to cause a denial of service (kernel panic) by replacing a watched file, which does not cause the watch on the old inode to be dropped." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33031", + "refsource": "OSVDB", + "url": "http://osvdb.org/33031" + }, + { + "name": "oval:org.mitre.oval:def:9560", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9560" + }, + { + "name": "24300", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24300" + }, + { + "name": "RHSA-2007:0085", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0085.html" + }, + { + "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=223129", + "refsource": "MISC", + "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=223129" + }, + { + "name": "1017705", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017705" + }, + { + "name": "22737", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22737" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0173.json b/2007/0xxx/CVE-2007-0173.json index 21dd4d33b37..4607b02e10a 100644 --- a/2007/0xxx/CVE-2007-0173.json +++ b/2007/0xxx/CVE-2007-0173.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0173", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in index.php in L2J Statistik Script 0.09 and earlier, when register_globals is enabled and magic_quotes is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0173", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3091", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3091" - }, - { - "name" : "21914", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21914" - }, - { - "name" : "ADV-2007-0097", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0097" - }, - { - "name" : "35914", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35914" - }, - { - "name" : "l2j-statistik-index-file-include(31309)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31309" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in index.php in L2J Statistik Script 0.09 and earlier, when register_globals is enabled and magic_quotes is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0097", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0097" + }, + { + "name": "3091", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3091" + }, + { + "name": "21914", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21914" + }, + { + "name": "l2j-statistik-index-file-include(31309)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31309" + }, + { + "name": "35914", + "refsource": "OSVDB", + "url": "http://osvdb.org/35914" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0202.json b/2007/0xxx/CVE-2007-0202.json index 4fc18676444..38bffbb9a67 100644 --- a/2007/0xxx/CVE-2007-0202.json +++ b/2007/0xxx/CVE-2007-0202.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0202", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lang parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0202", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070107 @lex Guestbook <= 4.0.2 Remote Command Execution Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456218/100/0/threaded" - }, - { - "name" : "http://acid-root.new.fr/poc/20070107.txt", - "refsource" : "MISC", - "url" : "http://acid-root.new.fr/poc/20070107.txt" - }, - { - "name" : "3103", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3103" - }, - { - "name" : "21926", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21926" - }, - { - "name" : "ADV-2007-0137", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0137" - }, - { - "name" : "31707", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31707" - }, - { - "name" : "23637", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23637" - }, - { - "name" : "2135", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2135" - }, - { - "name" : "@lexguestbook-index-sql-injection(31393)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31393" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lang parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://acid-root.new.fr/poc/20070107.txt", + "refsource": "MISC", + "url": "http://acid-root.new.fr/poc/20070107.txt" + }, + { + "name": "31707", + "refsource": "OSVDB", + "url": "http://osvdb.org/31707" + }, + { + "name": "23637", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23637" + }, + { + "name": "2135", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2135" + }, + { + "name": "@lexguestbook-index-sql-injection(31393)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31393" + }, + { + "name": "21926", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21926" + }, + { + "name": "20070107 @lex Guestbook <= 4.0.2 Remote Command Execution Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456218/100/0/threaded" + }, + { + "name": "3103", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3103" + }, + { + "name": "ADV-2007-0137", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0137" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0725.json b/2007/0xxx/CVE-2007-0725.json index 138a4e96021..28fb1a0d537 100644 --- a/2007/0xxx/CVE-2007-0725.json +++ b/2007/0xxx/CVE-2007-0725.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0725", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the AirPortDriver module for AirPort in Apple Mac OS X 10.3.9 through 10.4.9, when running on hardware with the original AirPort wireless card, allows local users to execute arbitrary code by \"sending malformed control commands.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0725", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.info.apple.com/article.html?artnum=305391", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=305391" - }, - { - "name" : "APPLE-SA-2007-04-19", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html" - }, - { - "name" : "TA07-109A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-109A.html" - }, - { - "name" : "23569", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23569" - }, - { - "name" : "ADV-2007-1470", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1470" - }, - { - "name" : "34857", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/34857" - }, - { - "name" : "24966", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24966" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the AirPortDriver module for AirPort in Apple Mac OS X 10.3.9 through 10.4.9, when running on hardware with the original AirPort wireless card, allows local users to execute arbitrary code by \"sending malformed control commands.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24966", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24966" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=305391", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=305391" + }, + { + "name": "23569", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23569" + }, + { + "name": "TA07-109A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html" + }, + { + "name": "34857", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/34857" + }, + { + "name": "APPLE-SA-2007-04-19", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html" + }, + { + "name": "ADV-2007-1470", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1470" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1153.json b/2007/1xxx/CVE-2007-1153.json index defca09e526..a3b419642d8 100644 --- a/2007/1xxx/CVE-2007-1153.json +++ b/2007/1xxx/CVE-2007-1153.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1153", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in CutePHP CuteNews 1.3.6 allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: issue might overlap CVE-2004-1660 or CVE-2006-4445." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1153", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "22674", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22674" - }, - { - "name" : "37397", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37397" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in CutePHP CuteNews 1.3.6 allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: issue might overlap CVE-2004-1660 or CVE-2006-4445." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22674", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22674" + }, + { + "name": "37397", + "refsource": "OSVDB", + "url": "http://osvdb.org/37397" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1192.json b/2007/1xxx/CVE-2007-1192.json index f50a3528dff..eb7e59e6400 100644 --- a/2007/1xxx/CVE-2007-1192.json +++ b/2007/1xxx/CVE-2007-1192.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1192", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Thomas R. Pasawicz HyperBook Guestbook 1.30 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download an admin password hash via a direct request for data/gbconfiguration.dat." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1192", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://downloads.securityfocus.com/vulnerabilities/exploits/22754.py", - "refsource" : "MISC", - "url" : "http://downloads.securityfocus.com/vulnerabilities/exploits/22754.py" - }, - { - "name" : "22754", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22754" - }, - { - "name" : "33868", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33868" - }, - { - "name" : "24392", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24392" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Thomas R. Pasawicz HyperBook Guestbook 1.30 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download an admin password hash via a direct request for data/gbconfiguration.dat." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24392", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24392" + }, + { + "name": "http://downloads.securityfocus.com/vulnerabilities/exploits/22754.py", + "refsource": "MISC", + "url": "http://downloads.securityfocus.com/vulnerabilities/exploits/22754.py" + }, + { + "name": "22754", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22754" + }, + { + "name": "33868", + "refsource": "OSVDB", + "url": "http://osvdb.org/33868" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1510.json b/2007/1xxx/CVE-2007-1510.json index 1e40970246e..221339a9880 100644 --- a/2007/1xxx/CVE-2007-1510.json +++ b/2007/1xxx/CVE-2007-1510.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1510", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in post.php in Particle Blogger 1.0.0 through 1.2.0 allows remote attackers to execute arbitrary SQL commands via the postid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1510", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070316 Particle Blogger All Version Post.PHP (PostID) Remote SQL Injection Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463027/100/0/threaded" - }, - { - "name" : "http://forums.particlesoft.net/viewtopic.php?t=675", - "refsource" : "CONFIRM", - "url" : "http://forums.particlesoft.net/viewtopic.php?t=675" - }, - { - "name" : "3500", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3500" - }, - { - "name" : "23005", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23005" - }, - { - "name" : "ADV-2007-1006", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1006" - }, - { - "name" : "34305", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34305" - }, - { - "name" : "24559", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24559" - }, - { - "name" : "2460", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2460" - }, - { - "name" : "particle-post-sql-injection(33030)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33030" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in post.php in Particle Blogger 1.0.0 through 1.2.0 allows remote attackers to execute arbitrary SQL commands via the postid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://forums.particlesoft.net/viewtopic.php?t=675", + "refsource": "CONFIRM", + "url": "http://forums.particlesoft.net/viewtopic.php?t=675" + }, + { + "name": "particle-post-sql-injection(33030)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33030" + }, + { + "name": "34305", + "refsource": "OSVDB", + "url": "http://osvdb.org/34305" + }, + { + "name": "24559", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24559" + }, + { + "name": "2460", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2460" + }, + { + "name": "3500", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3500" + }, + { + "name": "23005", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23005" + }, + { + "name": "20070316 Particle Blogger All Version Post.PHP (PostID) Remote SQL Injection Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463027/100/0/threaded" + }, + { + "name": "ADV-2007-1006", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1006" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1799.json b/2007/1xxx/CVE-2007-1799.json index 0436dab5adb..5d23a17052c 100644 --- a/2007/1xxx/CVE-2007-1799.json +++ b/2007/1xxx/CVE-2007-1799.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1799", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the \"..\" string, which allows remote attackers to overwrite arbitrary files via modified \"..\" sequences in a torrent filename, as demonstrated by \"../\" sequences, due to an incomplete fix for CVE-2007-1384." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1799", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.kde.org/show_bug.cgi?id=143637", - "refsource" : "CONFIRM", - "url" : "http://bugs.kde.org/show_bug.cgi?id=143637" - }, - { - "name" : "https://bugs.gentoo.org/show_bug.cgi?id=170303", - "refsource" : "CONFIRM", - "url" : "https://bugs.gentoo.org/show_bug.cgi?id=170303" - }, - { - "name" : "DSA-1373", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1373" - }, - { - "name" : "GLSA-200705-01", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200705-01.xml" - }, - { - "name" : "MDKSA-2007:095", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:095" - }, - { - "name" : "SUSE-SR:2007:007", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_007_suse.html" - }, - { - "name" : "USN-436-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-436-2" - }, - { - "name" : "23745", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23745" - }, - { - "name" : "24995", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24995" - }, - { - "name" : "25097", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25097" - }, - { - "name" : "26773", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26773" - }, - { - "name" : "ktorrent-torrentcpp-directory-traversal(33566)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33566" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the \"..\" string, which allows remote attackers to overwrite arbitrary files via modified \"..\" sequences in a torrent filename, as demonstrated by \"../\" sequences, due to an incomplete fix for CVE-2007-1384." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.gentoo.org/show_bug.cgi?id=170303", + "refsource": "CONFIRM", + "url": "https://bugs.gentoo.org/show_bug.cgi?id=170303" + }, + { + "name": "SUSE-SR:2007:007", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_007_suse.html" + }, + { + "name": "24995", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24995" + }, + { + "name": "26773", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26773" + }, + { + "name": "25097", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25097" + }, + { + "name": "http://bugs.kde.org/show_bug.cgi?id=143637", + "refsource": "CONFIRM", + "url": "http://bugs.kde.org/show_bug.cgi?id=143637" + }, + { + "name": "DSA-1373", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1373" + }, + { + "name": "MDKSA-2007:095", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:095" + }, + { + "name": "GLSA-200705-01", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200705-01.xml" + }, + { + "name": "ktorrent-torrentcpp-directory-traversal(33566)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33566" + }, + { + "name": "23745", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23745" + }, + { + "name": "USN-436-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-436-2" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5010.json b/2007/5xxx/CVE-2007-5010.json index 607b562fd39..01e6dac84b3 100644 --- a/2007/5xxx/CVE-2007-5010.json +++ b/2007/5xxx/CVE-2007-5010.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5010", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in WebBatch allows remote attackers to inject arbitrary web script or HTML via the URL to webbatch.exe." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5010", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070920 WebBatch Applications Cross Site Scripting Vulrnability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=119030378017879&w=2" - }, - { - "name" : "25744", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25744" - }, - { - "name" : "38285", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38285" - }, - { - "name" : "26889", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26889" - }, - { - "name" : "webbatch-client-xss(36704)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36704" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in WebBatch allows remote attackers to inject arbitrary web script or HTML via the URL to webbatch.exe." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070920 WebBatch Applications Cross Site Scripting Vulrnability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=119030378017879&w=2" + }, + { + "name": "25744", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25744" + }, + { + "name": "38285", + "refsource": "OSVDB", + "url": "http://osvdb.org/38285" + }, + { + "name": "webbatch-client-xss(36704)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36704" + }, + { + "name": "26889", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26889" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5455.json b/2007/5xxx/CVE-2007-5455.json index 9ae3bb170e2..d7994bfde43 100644 --- a/2007/5xxx/CVE-2007-5455.json +++ b/2007/5xxx/CVE-2007-5455.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5455", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in wxis.exe in WWWISIS 7.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a call to the iah/iah.xis IsisScript code, possibly involving the lang or exprSearch parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5455", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071016 WWWISIS <= 7.1 (IsisScript) Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482356/100/0/threaded" - }, - { - "name" : "4529", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4529" - }, - { - "name" : "26067", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26067" - }, - { - "name" : "27310", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27310" - }, - { - "name" : "wwwisis-wxis-xss(37214)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37214" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in wxis.exe in WWWISIS 7.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a call to the iah/iah.xis IsisScript code, possibly involving the lang or exprSearch parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27310", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27310" + }, + { + "name": "wwwisis-wxis-xss(37214)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37214" + }, + { + "name": "26067", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26067" + }, + { + "name": "20071016 WWWISIS <= 7.1 (IsisScript) Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482356/100/0/threaded" + }, + { + "name": "4529", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4529" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5828.json b/2007/5xxx/CVE-2007-5828.json index 3ecfdf546e9..f0f72c26372 100644 --- a/2007/5xxx/CVE-2007-5828.json +++ b/2007/5xxx/CVE-2007-5828.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5828", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the admin panel in Django 0.96 allows remote attackers to change passwords of arbitrary users via a request to admin/auth/user/1/password/. NOTE: this issue has been disputed by Debian, since product documentation includes a recommendation for a CSRF protection module that is included with the product. However, CVE considers this an issue because the default configuration does not use this module." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5828", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071029 Django 0.96 (stable) Admin Panel CSRF", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482983/100/0/threaded" - }, - { - "name" : "45285", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45285" - }, - { - "name" : "3338", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3338" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the admin panel in Django 0.96 allows remote attackers to change passwords of arbitrary users via a request to admin/auth/user/1/password/. NOTE: this issue has been disputed by Debian, since product documentation includes a recommendation for a CSRF protection module that is included with the product. However, CVE considers this an issue because the default configuration does not use this module." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071029 Django 0.96 (stable) Admin Panel CSRF", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482983/100/0/threaded" + }, + { + "name": "3338", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3338" + }, + { + "name": "45285", + "refsource": "OSVDB", + "url": "http://osvdb.org/45285" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3159.json b/2015/3xxx/CVE-2015-3159.json index de90af57426..5371ba2218c 100644 --- a/2015/3xxx/CVE-2015-3159.json +++ b/2015/3xxx/CVE-2015-3159.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3159", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3159", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3236.json b/2015/3xxx/CVE-2015-3236.json index f432d10643a..febc265a62c 100644 --- a/2015/3xxx/CVE-2015-3236.json +++ b/2015/3xxx/CVE-2015-3236.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3236", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "cURL and libcurl 7.40.0 through 7.42.1 send the HTTP Basic authentication credentials for a previous connection when reusing a reset (curl_easy_reset) connection handle to send a request to the same host name, which allows remote attackers to obtain sensitive information via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3236", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://curl.haxx.se/docs/adv_20150617A.html", - "refsource" : "CONFIRM", - "url" : "http://curl.haxx.se/docs/adv_20150617A.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10131", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10131" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" - }, - { - "name" : "FEDORA-2015-10155", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160660.html" - }, - { - "name" : "GLSA-201509-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201509-02" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "75385", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75385" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cURL and libcurl 7.40.0 through 7.42.1 send the HTTP Basic authentication credentials for a previous connection when reusing a reset (curl_easy_reset) connection handle to send a request to the same host name, which allows remote attackers to obtain sensitive information via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10131", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10131" + }, + { + "name": "http://curl.haxx.se/docs/adv_20150617A.html", + "refsource": "CONFIRM", + "url": "http://curl.haxx.se/docs/adv_20150617A.html" + }, + { + "name": "FEDORA-2015-10155", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160660.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" + }, + { + "name": "75385", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75385" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" + }, + { + "name": "GLSA-201509-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201509-02" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3355.json b/2015/3xxx/CVE-2015-3355.json index 87720b9253f..d0eef941001 100644 --- a/2015/3xxx/CVE-2015-3355.json +++ b/2015/3xxx/CVE-2015-3355.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3355", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the Batch Jobs module before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of certain users for requests that (1) delete a batch job record or (2) execute a task via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3355", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/01/29/6" - }, - { - "name" : "https://www.drupal.org/node/2402839", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2402839" - }, - { - "name" : "https://www.drupal.org/node/2403451", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2403451" - }, - { - "name" : "71954", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71954" - }, - { - "name" : "72114", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72114" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Batch Jobs module before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of certain users for requests that (1) delete a batch job record or (2) execute a task via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "72114", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72114" + }, + { + "name": "https://www.drupal.org/node/2403451", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2403451" + }, + { + "name": "https://www.drupal.org/node/2402839", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2402839" + }, + { + "name": "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/01/29/6" + }, + { + "name": "71954", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71954" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3731.json b/2015/3xxx/CVE-2015-3731.json index 7c33a24a9b6..38a77b5cff1 100644 --- a/2015/3xxx/CVE-2015-3731.json +++ b/2015/3xxx/CVE-2015-3731.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3731", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3731", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/kb/HT205030", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205030" - }, - { - "name" : "https://support.apple.com/kb/HT205033", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205033" - }, - { - "name" : "https://support.apple.com/HT205221", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205221" - }, - { - "name" : "APPLE-SA-2015-08-13-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html" - }, - { - "name" : "APPLE-SA-2015-08-13-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" - }, - { - "name" : "APPLE-SA-2015-09-16-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html" - }, - { - "name" : "openSUSE-SU-2016:0915", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html" - }, - { - "name" : "USN-2937-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2937-1" - }, - { - "name" : "76338", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76338" - }, - { - "name" : "1033274", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033274" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205221", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205221" + }, + { + "name": "1033274", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033274" + }, + { + "name": "https://support.apple.com/kb/HT205030", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205030" + }, + { + "name": "APPLE-SA-2015-09-16-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html" + }, + { + "name": "APPLE-SA-2015-08-13-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" + }, + { + "name": "openSUSE-SU-2016:0915", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html" + }, + { + "name": "76338", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76338" + }, + { + "name": "APPLE-SA-2015-08-13-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html" + }, + { + "name": "https://support.apple.com/kb/HT205033", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205033" + }, + { + "name": "USN-2937-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2937-1" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6346.json b/2015/6xxx/CVE-2015-6346.json index 77e3e1b9052..7538b4ef18d 100644 --- a/2015/6xxx/CVE-2015-6346.json +++ b/2015/6xxx/CVE-2015-6346.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6346", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inject arbitrary web script or HTML via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6346", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151026 Cisco Secure Access Control Server Dom-Based Cross-Site Scripting Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151023-acs_xss" - }, - { - "name" : "1033969", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033969" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inject arbitrary web script or HTML via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20151026 Cisco Secure Access Control Server Dom-Based Cross-Site Scripting Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151023-acs_xss" + }, + { + "name": "1033969", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033969" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6639.json b/2015/6xxx/CVE-2015-6639.json index 5609c7b921d..19f96251c1e 100644 --- a/2015/6xxx/CVE-2015-6639.json +++ b/2015/6xxx/CVE-2015-6639.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6639", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24446875." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-6639", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39757", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39757/" - }, - { - "name" : "http://source.android.com/security/bulletin/2016-01-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-01-01.html" - }, - { - "name" : "1034592", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034592" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24446875." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39757", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39757/" + }, + { + "name": "1034592", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034592" + }, + { + "name": "http://source.android.com/security/bulletin/2016-01-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-01-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6701.json b/2015/6xxx/CVE-2015-6701.json index 07502513eda..733d37c66c8 100644 --- a/2015/6xxx/CVE-2015-6701.json +++ b/2015/6xxx/CVE-2015-6701.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6701", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ambientIlluminationColor property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via a function call, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-6701", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-479", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-479" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" - }, - { - "name" : "1033796", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033796" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ambientIlluminationColor property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via a function call, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-479", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-479" + }, + { + "name": "1033796", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033796" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7211.json b/2015/7xxx/CVE-2015-7211.json index a84d9b5a06d..cb0d57fcda3 100644 --- a/2015/7xxx/CVE-2015-7211.json +++ b/2015/7xxx/CVE-2015-7211.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7211", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-7211", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-141.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-141.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1221444", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1221444" - }, - { - "name" : "FEDORA-2015-51b1105902", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html" - }, - { - "name" : "FEDORA-2015-7ab3d3afcf", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "openSUSE-SU-2016:0307", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html" - }, - { - "name" : "openSUSE-SU-2016:0308", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html" - }, - { - "name" : "openSUSE-SU-2015:2353", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html" - }, - { - "name" : "USN-2833-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2833-1" - }, - { - "name" : "79280", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79280" - }, - { - "name" : "1034426", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034426" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "openSUSE-SU-2015:2353", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1221444", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1221444" + }, + { + "name": "openSUSE-SU-2016:0308", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html" + }, + { + "name": "FEDORA-2015-7ab3d3afcf", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html" + }, + { + "name": "USN-2833-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2833-1" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-141.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-141.html" + }, + { + "name": "79280", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79280" + }, + { + "name": "openSUSE-SU-2016:0307", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html" + }, + { + "name": "FEDORA-2015-51b1105902", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html" + }, + { + "name": "1034426", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034426" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7405.json b/2015/7xxx/CVE-2015-7405.json index da851d6d08d..b7c3c631ad6 100644 --- a/2015/7xxx/CVE-2015-7405.json +++ b/2015/7xxx/CVE-2015-7405.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7405", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7405", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7766.json b/2015/7xxx/CVE-2015-7766.json index afdb3fc314b..92a1bc94125 100644 --- a/2015/7xxx/CVE-2015-7766.json +++ b/2015/7xxx/CVE-2015-7766.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7766", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PGSQL:SubmitQuery.do in ZOHO ManageEngine OpManager 11.6, 11.5, and earlier allows remote administrators to bypass SQL query restrictions via a comment in the query to api/json/admin/SubmitQuery, as demonstrated by \"INSERT/**/INTO.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7766", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38221", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38221/" - }, - { - "name" : "20150915 ManageEngine OpManager multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Sep/66" - }, - { - "name" : "http://packetstormsecurity.com/files/133596/ManageEngine-OpManager-Remote-Code-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133596/ManageEngine-OpManager-Remote-Code-Execution.html" - }, - { - "name" : "http://www.rapid7.com/db/modules/exploit/windows/http/manage_engine_opmanager_rce", - "refsource" : "MISC", - "url" : "http://www.rapid7.com/db/modules/exploit/windows/http/manage_engine_opmanager_rce" - }, - { - "name" : "https://support.zoho.com/portal/manageengine/helpcenter/articles/pgsql-submitquery-do-vulnerability", - "refsource" : "CONFIRM", - "url" : "https://support.zoho.com/portal/manageengine/helpcenter/articles/pgsql-submitquery-do-vulnerability" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PGSQL:SubmitQuery.do in ZOHO ManageEngine OpManager 11.6, 11.5, and earlier allows remote administrators to bypass SQL query restrictions via a comment in the query to api/json/admin/SubmitQuery, as demonstrated by \"INSERT/**/INTO.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.zoho.com/portal/manageengine/helpcenter/articles/pgsql-submitquery-do-vulnerability", + "refsource": "CONFIRM", + "url": "https://support.zoho.com/portal/manageengine/helpcenter/articles/pgsql-submitquery-do-vulnerability" + }, + { + "name": "http://www.rapid7.com/db/modules/exploit/windows/http/manage_engine_opmanager_rce", + "refsource": "MISC", + "url": "http://www.rapid7.com/db/modules/exploit/windows/http/manage_engine_opmanager_rce" + }, + { + "name": "20150915 ManageEngine OpManager multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Sep/66" + }, + { + "name": "http://packetstormsecurity.com/files/133596/ManageEngine-OpManager-Remote-Code-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133596/ManageEngine-OpManager-Remote-Code-Execution.html" + }, + { + "name": "38221", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38221/" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7936.json b/2015/7xxx/CVE-2015-7936.json index 31b4e97f783..f745586438e 100644 --- a/2015/7xxx/CVE-2015-7936.json +++ b/2015/7xxx/CVE-2015-7936.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7936", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in Motorola Solutions MOSCAD IP Gateway allows remote attackers to hijack the authentication of administrators for requests that modify a password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-7936", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-02" - }, - { - "name" : "79624", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79624" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in Motorola Solutions MOSCAD IP Gateway allows remote attackers to hijack the authentication of administrators for requests that modify a password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-02" + }, + { + "name": "79624", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79624" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8451.json b/2015/8xxx/CVE-2015-8451.json index 4044023ea02..92c7ccc85f8 100644 --- a/2015/8xxx/CVE-2015-8451.json +++ b/2015/8xxx/CVE-2015-8451.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8451", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, and CVE-2015-8455." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8451", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" - }, - { - "name" : "GLSA-201601-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201601-03" - }, - { - "name" : "SUSE-SU-2015:2236", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" - }, - { - "name" : "SUSE-SU-2015:2247", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" - }, - { - "name" : "openSUSE-SU-2015:2239", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" - }, - { - "name" : "78710", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78710" - }, - { - "name" : "1034318", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034318" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, and CVE-2015-8455." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:2239", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" + }, + { + "name": "SUSE-SU-2015:2236", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" + }, + { + "name": "SUSE-SU-2015:2247", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" + }, + { + "name": "1034318", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034318" + }, + { + "name": "GLSA-201601-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201601-03" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" + }, + { + "name": "78710", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78710" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8462.json b/2015/8xxx/CVE-2015-8462.json index e61b9a568ec..04973aa530b 100644 --- a/2015/8xxx/CVE-2015-8462.json +++ b/2015/8xxx/CVE-2015-8462.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8462", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8462", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8691.json b/2015/8xxx/CVE-2015-8691.json index 63daa82e4fe..b51c08fa71f 100644 --- a/2015/8xxx/CVE-2015-8691.json +++ b/2015/8xxx/CVE-2015-8691.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8691", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8691", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0238.json b/2016/0xxx/CVE-2016-0238.json index 3b5f794b724..91afa9a4a44 100644 --- a/2016/0xxx/CVE-2016-0238.json +++ b/2016/0xxx/CVE-2016-0238.json @@ -1,88 +1,88 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2017-06-30T00:00:00", - "ID" : "CVE-2016-0238", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Security Guardium", - "version" : { - "version_data" : [ - { - "version_value" : "9.0" - }, - { - "version_value" : "9.1" - }, - { - "version_value" : "10.0" - }, - { - "version_value" : "9.5" - }, - { - "version_value" : "10.1" - }, - { - "version_value" : "10.1.2" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 110409" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2017-06-30T00:00:00", + "ID": "CVE-2016-0238", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Security Guardium", + "version": { + "version_data": [ + { + "version_value": "9.0" + }, + { + "version_value": "9.1" + }, + { + "version_value": "10.0" + }, + { + "version_value": "9.5" + }, + { + "version_value": "10.1" + }, + { + "version_value": "10.1.2" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/110409", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/110409" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21989124", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21989124" - }, - { - "name" : "99379", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99379" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 110409" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/110409", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/110409" + }, + { + "name": "99379", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99379" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21989124", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21989124" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0537.json b/2016/0xxx/CVE-2016-0537.json index bf8125e5658..db729e21ccc 100644 --- a/2016/0xxx/CVE-2016-0537.json +++ b/2016/0xxx/CVE-2016-0537.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0537", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Person." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0537", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034726", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Person." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034726", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034726" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1693.json b/2016/1xxx/CVE-2016-1693.json index 973a2e9128f..d735712d083 100644 --- a/2016/1xxx/CVE-2016-1693.json +++ b/2016/1xxx/CVE-2016-1693.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1693", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before 51.0.2704.63 does not use the HTTPS service on dl.google.com to obtain the Software Removal Tool, which allows remote attackers to spoof the chrome_cleanup_tool.exe (aka CCT) file via a man-in-the-middle attack on an HTTP session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1693", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html" - }, - { - "name" : "https://codereview.chromium.org/1919043002", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1919043002" - }, - { - "name" : "https://crbug.com/598752", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/598752" - }, - { - "name" : "DSA-3590", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3590" - }, - { - "name" : "GLSA-201607-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201607-07" - }, - { - "name" : "RHSA-2016:1190", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1190" - }, - { - "name" : "openSUSE-SU-2016:1430", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html" - }, - { - "name" : "openSUSE-SU-2016:1433", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html" - }, - { - "name" : "openSUSE-SU-2016:1496", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html" - }, - { - "name" : "90876", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90876" - }, - { - "name" : "1035981", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035981" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before 51.0.2704.63 does not use the HTTPS service on dl.google.com to obtain the Software Removal Tool, which allows remote attackers to spoof the chrome_cleanup_tool.exe (aka CCT) file via a man-in-the-middle attack on an HTTP session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "90876", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90876" + }, + { + "name": "openSUSE-SU-2016:1496", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html" + }, + { + "name": "1035981", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035981" + }, + { + "name": "DSA-3590", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3590" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html" + }, + { + "name": "openSUSE-SU-2016:1430", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html" + }, + { + "name": "https://crbug.com/598752", + "refsource": "CONFIRM", + "url": "https://crbug.com/598752" + }, + { + "name": "RHSA-2016:1190", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1190" + }, + { + "name": "https://codereview.chromium.org/1919043002", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1919043002" + }, + { + "name": "GLSA-201607-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201607-07" + }, + { + "name": "openSUSE-SU-2016:1433", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1795.json b/2016/1xxx/CVE-2016-1795.json index 754de334605..4e8b1d13542 100644 --- a/2016/1xxx/CVE-2016-1795.json +++ b/2016/1xxx/CVE-2016-1795.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1795", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "AppleGraphicsPowerManagement in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1795", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206567", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206567" - }, - { - "name" : "APPLE-SA-2016-05-16-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" - }, - { - "name" : "90696", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90696" - }, - { - "name" : "1035895", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035895" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "AppleGraphicsPowerManagement in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT206567", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206567" + }, + { + "name": "APPLE-SA-2016-05-16-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" + }, + { + "name": "90696", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90696" + }, + { + "name": "1035895", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035895" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5217.json b/2016/5xxx/CVE-2016-5217.json index 6bd61df0677..46e203fe748 100644 --- a/2016/5xxx/CVE-2016-5217.json +++ b/2016/5xxx/CVE-2016-5217.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-5217", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android", - "version" : { - "version_data" : [ - { - "version_value" : "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote attacker to bypass site isolation via a crafted HTML page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "insufficient policy enforcement" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5217", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android", + "version": { + "version_data": [ + { + "version_value": "Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html" - }, - { - "name" : "https://crbug.com/654280", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/654280" - }, - { - "name" : "GLSA-201612-11", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-11" - }, - { - "name" : "RHSA-2016:2919", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2919.html" - }, - { - "name" : "94633", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94633" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote attacker to bypass site isolation via a crafted HTML page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "insufficient policy enforcement" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2016:2919", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2919.html" + }, + { + "name": "94633", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94633" + }, + { + "name": "https://crbug.com/654280", + "refsource": "CONFIRM", + "url": "https://crbug.com/654280" + }, + { + "name": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html" + }, + { + "name": "GLSA-201612-11", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-11" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5401.json b/2016/5xxx/CVE-2016-5401.json index 7c94084ee9d..051fde14e32 100644 --- a/2016/5xxx/CVE-2016-5401.json +++ b/2016/5xxx/CVE-2016-5401.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-5401", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-5401", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1357731", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1357731" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1357731", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1357731" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5506.json b/2016/5xxx/CVE-2016-5506.json index 258d246b386..46f9d2d42d0 100644 --- a/2016/5xxx/CVE-2016-5506.json +++ b/2016/5xxx/CVE-2016-5506.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5506", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware allows local users to affect confidentiality and integrity via vectors related to App Server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5506", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93648", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93648" - }, - { - "name" : "1037051", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037051" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware allows local users to affect confidentiality and integrity via vectors related to App Server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "1037051", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037051" + }, + { + "name": "93648", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93648" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5573.json b/2016/5xxx/CVE-2016-5573.json index 212b101a872..7e1f4d2e16b 100644 --- a/2016/5xxx/CVE-2016-5573.json +++ b/2016/5xxx/CVE-2016-5573.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5573", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5573", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20161019-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20161019-0001/" - }, - { - "name" : "DSA-3707", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3707" - }, - { - "name" : "GLSA-201611-04", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201611-04" - }, - { - "name" : "GLSA-201701-43", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-43" - }, - { - "name" : "RHSA-2016:2658", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2658.html" - }, - { - "name" : "RHSA-2016:2659", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2659.html" - }, - { - "name" : "RHSA-2016:2079", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2079.html" - }, - { - "name" : "RHSA-2016:2088", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2088.html" - }, - { - "name" : "RHSA-2016:2089", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2089.html" - }, - { - "name" : "RHSA-2016:2090", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2090.html" - }, - { - "name" : "RHSA-2016:2136", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2136.html" - }, - { - "name" : "RHSA-2016:2137", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2137.html" - }, - { - "name" : "RHSA-2016:2138", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2138.html" - }, - { - "name" : "RHSA-2017:0061", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0061.html" - }, - { - "name" : "RHSA-2017:1216", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1216" - }, - { - "name" : "USN-3130-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3130-1" - }, - { - "name" : "USN-3154-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3154-1" - }, - { - "name" : "93628", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93628" - }, - { - "name" : "1037040", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037040" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3707", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3707" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20161019-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20161019-0001/" + }, + { + "name": "RHSA-2016:2659", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2659.html" + }, + { + "name": "RHSA-2016:2136", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2136.html" + }, + { + "name": "RHSA-2016:2079", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2079.html" + }, + { + "name": "93628", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93628" + }, + { + "name": "USN-3130-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3130-1" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "RHSA-2016:2137", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2137.html" + }, + { + "name": "RHSA-2016:2138", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2138.html" + }, + { + "name": "GLSA-201701-43", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-43" + }, + { + "name": "RHSA-2016:2090", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2090.html" + }, + { + "name": "GLSA-201611-04", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201611-04" + }, + { + "name": "RHSA-2017:0061", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0061.html" + }, + { + "name": "RHSA-2017:1216", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1216" + }, + { + "name": "USN-3154-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3154-1" + }, + { + "name": "RHSA-2016:2089", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2089.html" + }, + { + "name": "1037040", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037040" + }, + { + "name": "RHSA-2016:2088", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2088.html" + }, + { + "name": "RHSA-2016:2658", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2658.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5891.json b/2016/5xxx/CVE-2016-5891.json index e04e8017f3d..de3bb212d7c 100644 --- a/2016/5xxx/CVE-2016-5891.json +++ b/2016/5xxx/CVE-2016-5891.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5891", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5891", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0361.json b/2019/0xxx/CVE-2019-0361.json index 35946c13b30..205cacb2e48 100644 --- a/2019/0xxx/CVE-2019-0361.json +++ b/2019/0xxx/CVE-2019-0361.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0361", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0361", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0613.json b/2019/0xxx/CVE-2019-0613.json index 94d6d067a3d..ac0d1ff6d60 100644 --- a/2019/0xxx/CVE-2019-0613.json +++ b/2019/0xxx/CVE-2019-0613.json @@ -1,407 +1,407 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0613", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft .NET Framework 4.5.2", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value" : "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" - }, - { - "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value" : "Windows Server 2012" - }, - { - "version_value" : "Windows Server 2012 (Server Core installation)" - }, - { - "version_value" : "Windows 8.1 for 32-bit systems" - }, - { - "version_value" : "Windows 8.1 for x64-based systems" - }, - { - "version_value" : "Windows Server 2012 R2" - }, - { - "version_value" : "Windows RT 8.1" - }, - { - "version_value" : "Windows Server 2012 R2 (Server Core installation)" - }, - { - "version_value" : "Windows Server 2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value" : "Windows Server 2008 for x64-based Systems Service Pack 2" - } - ] - } - }, - { - "product_name" : "Microsoft .NET Framework 4.6", - "version" : { - "version_data" : [ - { - "version_value" : "Windows Server 2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value" : "Windows Server 2008 for x64-based Systems Service Pack 2" - } - ] - } - }, - { - "product_name" : "Microsoft Visual Studio", - "version" : { - "version_data" : [ - { - "version_value" : "2017" - } - ] - } - }, - { - "product_name" : "Microsoft .NET Framework 4.7.2", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value" : "Windows Server, version 1803 (Server Core Installation)" - }, - { - "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value" : "Windows Server 2019" - }, - { - "version_value" : "Windows Server 2019 (Server Core installation)" - } - ] - } - }, - { - "product_name" : "Microsoft .NET Framework 4.6/4.6.1/4.6.2", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 10 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 for x64-based Systems" - } - ] - } - }, - { - "product_name" : "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value" : "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" - }, - { - "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value" : "Windows Server 2012" - }, - { - "version_value" : "Windows Server 2012 (Server Core installation)" - }, - { - "version_value" : "Windows 8.1 for 32-bit systems" - }, - { - "version_value" : "Windows 8.1 for x64-based systems" - }, - { - "version_value" : "Windows Server 2012 R2" - }, - { - "version_value" : "Windows RT 8.1" - }, - { - "version_value" : "Windows Server 2012 R2 (Server Core installation)" - } - ] - } - }, - { - "product_name" : "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", - "version" : { - "version_data" : [ - { - "version_value" : "Windows Server 2016" - }, - { - "version_value" : "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value" : "Windows Server 2016 (Server Core installation)" - } - ] - } - }, - { - "product_name" : "Microsoft .NET Framework 4.7/4.7.1/4.7.2", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1703 for x64-based Systems" - } - ] - } - }, - { - "product_name" : "Microsoft .NET Framework 4.7.1/4.7.2", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value" : "Windows Server, version 1709 (Server Core Installation)" - }, - { - "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name" : "Microsoft Visual Studio 2017", - "version" : { - "version_data" : [ - { - "version_value" : "version 15.9" - } - ] - } - }, - { - "product_name" : "Microsoft .NET Framework 3.5", - "version" : { - "version_data" : [ - { - "version_value" : "Windows Server 2012" - }, - { - "version_value" : "Windows Server 2012 (Server Core installation)" - }, - { - "version_value" : "Windows 8.1 for 32-bit systems" - }, - { - "version_value" : "Windows 8.1 for x64-based systems" - }, - { - "version_value" : "Windows Server 2012 R2" - }, - { - "version_value" : "Windows Server 2012 R2 (Server Core installation)" - }, - { - "version_value" : "Windows 10 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 for x64-based Systems" - }, - { - "version_value" : "Windows Server 2016" - }, - { - "version_value" : "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value" : "Windows Server 2016 (Server Core installation)" - }, - { - "version_value" : "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value" : "Windows Server, version 1709 (Server Core Installation)" - }, - { - "version_value" : "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value" : "Windows Server, version 1803 (Server Core Installation)" - }, - { - "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value" : "Windows Server 2019" - }, - { - "version_value" : "Windows Server 2019 (Server Core installation)" - }, - { - "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name" : "Microsoft .NET Framework 3.0", - "version" : { - "version_data" : [ - { - "version_value" : "Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2" - }, - { - "version_value" : "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value" : "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2" - } - ] - } - }, - { - "product_name" : "Microsoft .NET Framework 2.0", - "version" : { - "version_data" : [ - { - "version_value" : "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2" - }, - { - "version_value" : "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2" - } - ] - } - }, - { - "product_name" : "Microsoft .NET Framework 3.5.1", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value" : "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" - }, - { - "version_value" : "Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1" - }, - { - "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists in .NET Framework and Visual Studio software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework and Visual Studio Remote Code Execution Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0613", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft .NET Framework 4.5.2", + "version": { + "version_data": [ + { + "version_value": "Windows 7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "Windows 7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" + }, + { + "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "Windows Server 2012" + }, + { + "version_value": "Windows Server 2012 (Server Core installation)" + }, + { + "version_value": "Windows 8.1 for 32-bit systems" + }, + { + "version_value": "Windows 8.1 for x64-based systems" + }, + { + "version_value": "Windows Server 2012 R2" + }, + { + "version_value": "Windows RT 8.1" + }, + { + "version_value": "Windows Server 2012 R2 (Server Core installation)" + }, + { + "version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "Windows Server 2008 for x64-based Systems Service Pack 2" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 4.6", + "version": { + "version_data": [ + { + "version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "Windows Server 2008 for x64-based Systems Service Pack 2" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio", + "version": { + "version_data": [ + { + "version_value": "2017" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 4.7.2", + "version": { + "version_data": [ + { + "version_value": "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value": "Windows Server, version 1803 (Server Core Installation)" + }, + { + "version_value": "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value": "Windows Server 2019" + }, + { + "version_value": "Windows Server 2019 (Server Core installation)" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 4.6/4.6.1/4.6.2", + "version": { + "version_data": [ + { + "version_value": "Windows 10 for 32-bit Systems" + }, + { + "version_value": "Windows 10 for x64-based Systems" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2", + "version": { + "version_data": [ + { + "version_value": "Windows 7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "Windows 7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" + }, + { + "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "Windows Server 2012" + }, + { + "version_value": "Windows Server 2012 (Server Core installation)" + }, + { + "version_value": "Windows 8.1 for 32-bit systems" + }, + { + "version_value": "Windows 8.1 for x64-based systems" + }, + { + "version_value": "Windows Server 2012 R2" + }, + { + "version_value": "Windows RT 8.1" + }, + { + "version_value": "Windows Server 2012 R2 (Server Core installation)" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2", + "version": { + "version_data": [ + { + "version_value": "Windows Server 2016" + }, + { + "version_value": "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value": "Windows Server 2016 (Server Core installation)" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 4.7/4.7.1/4.7.2", + "version": { + "version_data": [ + { + "version_value": "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1703 for x64-based Systems" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 4.7.1/4.7.2", + "version": { + "version_data": [ + { + "version_value": "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value": "Windows Server, version 1709 (Server Core Installation)" + }, + { + "version_value": "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2017", + "version": { + "version_data": [ + { + "version_value": "version 15.9" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 3.5", + "version": { + "version_data": [ + { + "version_value": "Windows Server 2012" + }, + { + "version_value": "Windows Server 2012 (Server Core installation)" + }, + { + "version_value": "Windows 8.1 for 32-bit systems" + }, + { + "version_value": "Windows 8.1 for x64-based systems" + }, + { + "version_value": "Windows Server 2012 R2" + }, + { + "version_value": "Windows Server 2012 R2 (Server Core installation)" + }, + { + "version_value": "Windows 10 for 32-bit Systems" + }, + { + "version_value": "Windows 10 for x64-based Systems" + }, + { + "version_value": "Windows Server 2016" + }, + { + "version_value": "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value": "Windows Server 2016 (Server Core installation)" + }, + { + "version_value": "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value": "Windows Server, version 1709 (Server Core Installation)" + }, + { + "version_value": "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value": "Windows Server, version 1803 (Server Core Installation)" + }, + { + "version_value": "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value": "Windows Server 2019" + }, + { + "version_value": "Windows Server 2019 (Server Core installation)" + }, + { + "version_value": "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 3.0", + "version": { + "version_data": [ + { + "version_value": "Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2" + }, + { + "version_value": "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 2.0", + "version": { + "version_data": [ + { + "version_value": "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2" + }, + { + "version_value": "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2" + } + ] + } + }, + { + "product_name": "Microsoft .NET Framework 3.5.1", + "version": { + "version_data": [ + { + "version_value": "Windows 7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "Windows 7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)" + }, + { + "version_value": "Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1" + }, + { + "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0613", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0613" - }, - { - "name" : "106872", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106872" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists in .NET Framework and Visual Studio software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework and Visual Studio Remote Code Execution Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106872", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106872" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0613", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0613" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0634.json b/2019/0xxx/CVE-2019-0634.json index 4c08668b627..373d6ba7a2c 100644 --- a/2019/0xxx/CVE-2019-0634.json +++ b/2019/0xxx/CVE-2019-0634.json @@ -1,100 +1,100 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0634", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Edge", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value" : "Windows Server 2019" - }, - { - "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0645, CVE-2019-0650." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0634", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Edge", + "version": { + "version_data": [ + { + "version_value": "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "Windows Server 2019" + }, + { + "version_value": "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0634", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0634" - }, - { - "name" : "106899", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106899" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0645, CVE-2019-0650." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0634", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0634" + }, + { + "name": "106899", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106899" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0773.json b/2019/0xxx/CVE-2019-0773.json index 21ab92a1d68..fcd3c11ef92 100644 --- a/2019/0xxx/CVE-2019-0773.json +++ b/2019/0xxx/CVE-2019-0773.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0773", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0773", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0974.json b/2019/0xxx/CVE-2019-0974.json index 6704221cca6..10450d5afc3 100644 --- a/2019/0xxx/CVE-2019-0974.json +++ b/2019/0xxx/CVE-2019-0974.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0974", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0974", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1367.json b/2019/1xxx/CVE-2019-1367.json index 389dbc02668..d50322dd53c 100644 --- a/2019/1xxx/CVE-2019-1367.json +++ b/2019/1xxx/CVE-2019-1367.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1367", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1367", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1454.json b/2019/1xxx/CVE-2019-1454.json index f0e615c2882..913bdf0ea36 100644 --- a/2019/1xxx/CVE-2019-1454.json +++ b/2019/1xxx/CVE-2019-1454.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1454", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1454", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4060.json b/2019/4xxx/CVE-2019-4060.json index 50712a524d3..a8fe05f2a33 100644 --- a/2019/4xxx/CVE-2019-4060.json +++ b/2019/4xxx/CVE-2019-4060.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4060", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4060", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4084.json b/2019/4xxx/CVE-2019-4084.json index c0488dd96f1..dd3226235a9 100644 --- a/2019/4xxx/CVE-2019-4084.json +++ b/2019/4xxx/CVE-2019-4084.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4084", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4084", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4507.json b/2019/4xxx/CVE-2019-4507.json index 8ba47765807..ef22b9371de 100644 --- a/2019/4xxx/CVE-2019-4507.json +++ b/2019/4xxx/CVE-2019-4507.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4507", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4507", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4809.json b/2019/4xxx/CVE-2019-4809.json index 30345700577..b5999c5cf71 100644 --- a/2019/4xxx/CVE-2019-4809.json +++ b/2019/4xxx/CVE-2019-4809.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4809", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4809", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5036.json b/2019/5xxx/CVE-2019-5036.json index 396097874ad..93365eb6827 100644 --- a/2019/5xxx/CVE-2019-5036.json +++ b/2019/5xxx/CVE-2019-5036.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5036", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5036", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5509.json b/2019/5xxx/CVE-2019-5509.json index ae612425718..718d74e812f 100644 --- a/2019/5xxx/CVE-2019-5509.json +++ b/2019/5xxx/CVE-2019-5509.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5509", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5509", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5540.json b/2019/5xxx/CVE-2019-5540.json index df61cc93b3c..ce079a5f868 100644 --- a/2019/5xxx/CVE-2019-5540.json +++ b/2019/5xxx/CVE-2019-5540.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5540", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5540", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5823.json b/2019/5xxx/CVE-2019-5823.json index eb3763a8816..51b70a987ba 100644 --- a/2019/5xxx/CVE-2019-5823.json +++ b/2019/5xxx/CVE-2019-5823.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5823", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5823", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8204.json b/2019/8xxx/CVE-2019-8204.json index 18ca67a26aa..55675fe86b9 100644 --- a/2019/8xxx/CVE-2019-8204.json +++ b/2019/8xxx/CVE-2019-8204.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8204", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8204", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8294.json b/2019/8xxx/CVE-2019-8294.json index 9f731816668..655b8bdd734 100644 --- a/2019/8xxx/CVE-2019-8294.json +++ b/2019/8xxx/CVE-2019-8294.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8294", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8294", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8640.json b/2019/8xxx/CVE-2019-8640.json index 25060fb60e2..eae45165325 100644 --- a/2019/8xxx/CVE-2019-8640.json +++ b/2019/8xxx/CVE-2019-8640.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8640", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8640", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9540.json b/2019/9xxx/CVE-2019-9540.json index 04e5f0f3b14..20f2388275c 100644 --- a/2019/9xxx/CVE-2019-9540.json +++ b/2019/9xxx/CVE-2019-9540.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9540", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9540", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9589.json b/2019/9xxx/CVE-2019-9589.json index e95a10ff7bc..e30d86dd6b4 100644 --- a/2019/9xxx/CVE-2019-9589.json +++ b/2019/9xxx/CVE-2019-9589.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9589", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9589", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41262", - "refsource" : "MISC", - "url" : "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41262" - }, - { - "name" : "https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-function-psoutputdevsetupresources-xpdf-4-01/", - "refsource" : "MISC", - "url" : "https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-function-psoutputdevsetupresources-xpdf-4-01/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-function-psoutputdevsetupresources-xpdf-4-01/", + "refsource": "MISC", + "url": "https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-function-psoutputdevsetupresources-xpdf-4-01/" + }, + { + "name": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41262", + "refsource": "MISC", + "url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41262" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9677.json b/2019/9xxx/CVE-2019-9677.json index 31d3992cbd2..0477a5846d9 100644 --- a/2019/9xxx/CVE-2019-9677.json +++ b/2019/9xxx/CVE-2019-9677.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9677", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9677", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9781.json b/2019/9xxx/CVE-2019-9781.json index 1b0b4191d98..3c9723540da 100644 --- a/2019/9xxx/CVE-2019-9781.json +++ b/2019/9xxx/CVE-2019-9781.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9781", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9781", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file