From 3a8f6f7944a39a4ed2236f0e02848d59d78b0a8d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 03:42:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0057.json | 160 ++++++------ 2007/0xxx/CVE-2007-0060.json | 200 +++++++------- 2007/0xxx/CVE-2007-0085.json | 210 +++++++-------- 2007/0xxx/CVE-2007-0233.json | 150 +++++------ 2007/0xxx/CVE-2007-0664.json | 160 ++++++------ 2007/0xxx/CVE-2007-0948.json | 180 ++++++------- 2007/1xxx/CVE-2007-1055.json | 170 ++++++------ 2007/1xxx/CVE-2007-1205.json | 230 ++++++++-------- 2007/1xxx/CVE-2007-1592.json | 490 +++++++++++++++++------------------ 2007/1xxx/CVE-2007-1598.json | 160 ++++++------ 2007/1xxx/CVE-2007-1723.json | 260 +++++++++---------- 2007/4xxx/CVE-2007-4117.json | 150 +++++------ 2007/5xxx/CVE-2007-5003.json | 200 +++++++------- 2007/5xxx/CVE-2007-5026.json | 160 ++++++------ 2007/5xxx/CVE-2007-5199.json | 130 +++++----- 2007/5xxx/CVE-2007-5433.json | 170 ++++++------ 2015/3xxx/CVE-2015-3326.json | 150 +++++------ 2015/3xxx/CVE-2015-3758.json | 150 +++++------ 2015/6xxx/CVE-2015-6087.json | 130 +++++----- 2015/6xxx/CVE-2015-6914.json | 120 ++++----- 2015/7xxx/CVE-2015-7057.json | 140 +++++----- 2015/7xxx/CVE-2015-7258.json | 150 +++++------ 2015/7xxx/CVE-2015-7484.json | 130 +++++----- 2015/7xxx/CVE-2015-7957.json | 34 +-- 2015/8xxx/CVE-2015-8352.json | 150 +++++------ 2015/8xxx/CVE-2015-8473.json | 180 ++++++------- 2015/8xxx/CVE-2015-8650.json | 240 ++++++++--------- 2015/8xxx/CVE-2015-8741.json | 160 ++++++------ 2016/0xxx/CVE-2016-0154.json | 150 +++++------ 2016/0xxx/CVE-2016-0199.json | 180 ++++++------- 2016/0xxx/CVE-2016-0638.json | 140 +++++----- 2016/0xxx/CVE-2016-0708.json | 126 ++++----- 2016/1xxx/CVE-2016-1160.json | 140 +++++----- 2016/1xxx/CVE-2016-1415.json | 150 +++++------ 2016/1xxx/CVE-2016-1705.json | 420 +++++++++++++++--------------- 2016/1xxx/CVE-2016-1717.json | 200 +++++++------- 2016/1xxx/CVE-2016-1925.json | 130 +++++----- 2016/5xxx/CVE-2016-5409.json | 130 +++++----- 2016/5xxx/CVE-2016-5430.json | 130 +++++----- 2016/5xxx/CVE-2016-5780.json | 34 +-- 2016/5xxx/CVE-2016-5869.json | 34 +-- 2016/5xxx/CVE-2016-5988.json | 160 ++++++------ 2019/0xxx/CVE-2019-0638.json | 34 +-- 2019/0xxx/CVE-2019-0795.json | 34 +-- 2019/0xxx/CVE-2019-0913.json | 34 +-- 2019/1xxx/CVE-2019-1213.json | 34 +-- 2019/1xxx/CVE-2019-1533.json | 34 +-- 2019/1xxx/CVE-2019-1560.json | 34 +-- 2019/1xxx/CVE-2019-1780.json | 34 +-- 2019/3xxx/CVE-2019-3077.json | 34 +-- 2019/3xxx/CVE-2019-3180.json | 34 +-- 2019/4xxx/CVE-2019-4445.json | 34 +-- 2019/4xxx/CVE-2019-4607.json | 34 +-- 2019/4xxx/CVE-2019-4896.json | 34 +-- 2019/4xxx/CVE-2019-4912.json | 34 +-- 2019/5xxx/CVE-2019-5083.json | 34 +-- 2019/5xxx/CVE-2019-5578.json | 34 +-- 2019/8xxx/CVE-2019-8449.json | 34 +-- 2019/8xxx/CVE-2019-8463.json | 34 +-- 2019/8xxx/CVE-2019-8484.json | 34 +-- 2019/8xxx/CVE-2019-8861.json | 34 +-- 2019/9xxx/CVE-2019-9137.json | 34 +-- 2019/9xxx/CVE-2019-9191.json | 130 +++++----- 2019/9xxx/CVE-2019-9740.json | 120 ++++----- 2019/9xxx/CVE-2019-9820.json | 34 +-- 65 files changed, 4001 insertions(+), 4001 deletions(-) diff --git a/2007/0xxx/CVE-2007-0057.json b/2007/0xxx/CVE-2007-0057.json index c5c04b77f05..f71f49113db 100644 --- a/2007/0xxx/CVE-2007-0057.json +++ b/2007/0xxx/CVE-2007-0057.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0057", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared sercet and allows remote attackers to gain unauthorized access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0057", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070103 Multiple Vulnerabilities in Cisco Clean Access", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/707/cisco-sa-20070103-CleanAccess.shtml" - }, - { - "name" : "ADV-2007-0030", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0030" - }, - { - "name" : "32578", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32578" - }, - { - "name" : "1017465", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017465" - }, - { - "name" : "23617", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23617" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared sercet and allows remote attackers to gain unauthorized access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23617", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23617" + }, + { + "name": "ADV-2007-0030", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0030" + }, + { + "name": "32578", + "refsource": "OSVDB", + "url": "http://osvdb.org/32578" + }, + { + "name": "20070103 Multiple Vulnerabilities in Cisco Clean Access", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070103-CleanAccess.shtml" + }, + { + "name": "1017465", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017465" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0060.json b/2007/0xxx/CVE-2007-0060.json index 0b3fc9cc637..bae34a5f04c 100644 --- a/2007/0xxx/CVE-2007-0060.json +++ b/2007/0xxx/CVE-2007-0060.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0060", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0060", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070724 CA Message Queuing Server (Cam.exe) Overflow", - "refsource" : "ISS", - "url" : "http://www.iss.net/threats/272.html" - }, - { - "name" : "20070725 [CAID 35527]: CA Message Queuing (CAM / CAFT) Buffer Overflow Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474602/100/0/threaded" - }, - { - "name" : "http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp", - "refsource" : "CONFIRM", - "url" : "http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp" - }, - { - "name" : "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809", - "refsource" : "CONFIRM", - "url" : "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809" - }, - { - "name" : "25051", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25051" - }, - { - "name" : "ADV-2007-2638", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2638" - }, - { - "name" : "1018449", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018449" - }, - { - "name" : "26190", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26190" - }, - { - "name" : "systems-management-bo(32234)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32234" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp", + "refsource": "CONFIRM", + "url": "http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp" + }, + { + "name": "ADV-2007-2638", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2638" + }, + { + "name": "systems-management-bo(32234)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32234" + }, + { + "name": "1018449", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018449" + }, + { + "name": "26190", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26190" + }, + { + "name": "20070725 [CAID 35527]: CA Message Queuing (CAM / CAFT) Buffer Overflow Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474602/100/0/threaded" + }, + { + "name": "25051", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25051" + }, + { + "name": "20070724 CA Message Queuing Server (Cam.exe) Overflow", + "refsource": "ISS", + "url": "http://www.iss.net/threats/272.html" + }, + { + "name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809", + "refsource": "CONFIRM", + "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0085.json b/2007/0xxx/CVE-2007-0085.json index 135c99dbac3..7f41220a418 100644 --- a/2007/0xxx/CVE-2007-0085.json +++ b/2007/0xxx/CVE-2007-0085.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0085", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecified vectors, possibly related to agp_ioctl NULL pointer reference." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0085", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[openbsd-cvs] 20070103 Re: CVS: cvs.openbsd.org: src", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=openbsd-cvs&m=116781980706409&w=2" - }, - { - "name" : "[openbsd-cvs] 20070103 CVS: cvs.openbsd.org: www", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=openbsd-cvs&m=116785923301416&w=2" - }, - { - "name" : "http://ilja.netric.org/files/Unusual%20bugs%2023c3.pdf", - "refsource" : "MISC", - "url" : "http://ilja.netric.org/files/Unusual%20bugs%2023c3.pdf" - }, - { - "name" : "[3.9] 017: SECURITY FIX: January 3, 2007", - "refsource" : "OPENBSD", - "url" : "http://www.openbsd.org/errata39.html#agp" - }, - { - "name" : "[4.0] 007: SECURITY FIX: January 3, 2007", - "refsource" : "OPENBSD", - "url" : "http://www.openbsd.org/errata.html#agp" - }, - { - "name" : "ADV-2007-0043", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0043" - }, - { - "name" : "32574", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/32574" - }, - { - "name" : "1017468", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017468" - }, - { - "name" : "23608", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23608" - }, - { - "name" : "openbsd-vga-privilege-escalation(31276)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31276" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecified vectors, possibly related to agp_ioctl NULL pointer reference." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://ilja.netric.org/files/Unusual%20bugs%2023c3.pdf", + "refsource": "MISC", + "url": "http://ilja.netric.org/files/Unusual%20bugs%2023c3.pdf" + }, + { + "name": "32574", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/32574" + }, + { + "name": "[openbsd-cvs] 20070103 CVS: cvs.openbsd.org: www", + "refsource": "MLIST", + "url": "http://marc.info/?l=openbsd-cvs&m=116785923301416&w=2" + }, + { + "name": "[3.9] 017: SECURITY FIX: January 3, 2007", + "refsource": "OPENBSD", + "url": "http://www.openbsd.org/errata39.html#agp" + }, + { + "name": "[4.0] 007: SECURITY FIX: January 3, 2007", + "refsource": "OPENBSD", + "url": "http://www.openbsd.org/errata.html#agp" + }, + { + "name": "1017468", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017468" + }, + { + "name": "ADV-2007-0043", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0043" + }, + { + "name": "23608", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23608" + }, + { + "name": "openbsd-vga-privilege-escalation(31276)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31276" + }, + { + "name": "[openbsd-cvs] 20070103 Re: CVS: cvs.openbsd.org: src", + "refsource": "MLIST", + "url": "http://marc.info/?l=openbsd-cvs&m=116781980706409&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0233.json b/2007/0xxx/CVE-2007-0233.json index 634ca295d0d..00481525a29 100644 --- a/2007/0xxx/CVE-2007-0233.json +++ b/2007/0xxx/CVE-2007-0233.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0233", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "wp-trackback.php in WordPress 2.0.6 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary SQL commands via the tb_id parameter. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in WordPress." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0233", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3109", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3109" - }, - { - "name" : "21983", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21983" - }, - { - "name" : "36860", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36860" - }, - { - "name" : "wordpress-tbid-sql-injection(31385)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31385" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "wp-trackback.php in WordPress 2.0.6 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary SQL commands via the tb_id parameter. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in WordPress." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3109", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3109" + }, + { + "name": "21983", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21983" + }, + { + "name": "wordpress-tbid-sql-injection(31385)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31385" + }, + { + "name": "36860", + "refsource": "OSVDB", + "url": "http://osvdb.org/36860" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0664.json b/2007/0xxx/CVE-2007-0664.json index ca70b3f2083..cf8d1a3e6b8 100644 --- a/2007/0xxx/CVE-2007-0664.json +++ b/2007/0xxx/CVE-2007-0664.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0664", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "thttpd before 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo baselayout 1.12.6 package, which allows remote attackers to read arbitrary files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0664", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=142047", - "refsource" : "MISC", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=142047" - }, - { - "name" : "GLSA-200701-28", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200701-28.xml" - }, - { - "name" : "22349", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22349" - }, - { - "name" : "31965", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31965" - }, - { - "name" : "24018", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24018" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "thttpd before 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo baselayout 1.12.6 package, which allows remote attackers to read arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=142047", + "refsource": "MISC", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=142047" + }, + { + "name": "24018", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24018" + }, + { + "name": "31965", + "refsource": "OSVDB", + "url": "http://osvdb.org/31965" + }, + { + "name": "22349", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22349" + }, + { + "name": "GLSA-200701-28", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200701-28.xml" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0948.json b/2007/0xxx/CVE-2007-0948.json index af473d7a2d8..dbb435e5717 100644 --- a/2007/0xxx/CVE-2007-0948.json +++ b/2007/0xxx/CVE-2007-0948.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0948", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to \"interaction and initialization of components.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-0948", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS07-049", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-049" - }, - { - "name" : "TA07-226A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-226A.html" - }, - { - "name" : "25298", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25298" - }, - { - "name" : "ADV-2007-2873", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2873" - }, - { - "name" : "oval:org.mitre.oval:def:1259", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1259" - }, - { - "name" : "1018567", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018567" - }, - { - "name" : "26444", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26444" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to \"interaction and initialization of components.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:1259", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1259" + }, + { + "name": "TA07-226A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-226A.html" + }, + { + "name": "1018567", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018567" + }, + { + "name": "ADV-2007-2873", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2873" + }, + { + "name": "25298", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25298" + }, + { + "name": "MS07-049", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-049" + }, + { + "name": "26444", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26444" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1055.json b/2007/1xxx/CVE-2007-1055.json index d756bc8d8a1..6ce7d3f24ee 100644 --- a/2007/1xxx/CVE-2007-1055.json +++ b/2007/1xxx/CVE-2007-1055.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1055", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before 1.9.0rc2, and 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rs parameter. NOTE: this issue might be a duplicate of CVE-2007-0177." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1055", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070220 MediaWiki Cross-site Scripting", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460596/100/0/threaded" - }, - { - "name" : "http://www.bugsec.com/articles.php?Security=24", - "refsource" : "MISC", - "url" : "http://www.bugsec.com/articles.php?Security=24" - }, - { - "name" : "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_9_0/phase3/RELEASE-NOTES", - "refsource" : "CONFIRM", - "url" : "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_9_0/phase3/RELEASE-NOTES" - }, - { - "name" : "37343", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37343" - }, - { - "name" : "2274", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2274" - }, - { - "name" : "mediawiki-index-xss(32586)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32586" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before 1.9.0rc2, and 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rs parameter. NOTE: this issue might be a duplicate of CVE-2007-0177." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.bugsec.com/articles.php?Security=24", + "refsource": "MISC", + "url": "http://www.bugsec.com/articles.php?Security=24" + }, + { + "name": "20070220 MediaWiki Cross-site Scripting", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460596/100/0/threaded" + }, + { + "name": "2274", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2274" + }, + { + "name": "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_9_0/phase3/RELEASE-NOTES", + "refsource": "CONFIRM", + "url": "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_9_0/phase3/RELEASE-NOTES" + }, + { + "name": "mediawiki-index-xss(32586)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32586" + }, + { + "name": "37343", + "refsource": "OSVDB", + "url": "http://osvdb.org/37343" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1205.json b/2007/1xxx/CVE-2007-1205.json index 0639ecaf765..a310d591ff9 100644 --- a/2007/1xxx/CVE-2007-1205.json +++ b/2007/1xxx/CVE-2007-1205.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1205", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Microsoft Agent (msagent\\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote attackers to execute arbitrary code via crafted URLs, which result in memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-1205", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070410 Secunia Research: Microsoft Agent URL Parsing Memory CorruptionVulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/465235/100/0/threaded" - }, - { - "name" : "http://secunia.com/secunia_research/2006-74/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2006-74/advisory/" - }, - { - "name" : "HPSBST02208", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/466331/100/200/threaded" - }, - { - "name" : "SSRT071365", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/466331/100/200/threaded" - }, - { - "name" : "MS07-020", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-020" - }, - { - "name" : "TA07-100A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-100A.html" - }, - { - "name" : "VU#728057", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/728057" - }, - { - "name" : "23337", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23337" - }, - { - "name" : "ADV-2007-1324", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1324" - }, - { - "name" : "oval:org.mitre.oval:def:2034", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2034" - }, - { - "name" : "1017896", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017896" - }, - { - "name" : "22896", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22896" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Microsoft Agent (msagent\\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote attackers to execute arbitrary code via crafted URLs, which result in memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22896", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22896" + }, + { + "name": "HPSBST02208", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/466331/100/200/threaded" + }, + { + "name": "VU#728057", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/728057" + }, + { + "name": "ADV-2007-1324", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1324" + }, + { + "name": "1017896", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017896" + }, + { + "name": "MS07-020", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-020" + }, + { + "name": "20070410 Secunia Research: Microsoft Agent URL Parsing Memory CorruptionVulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/465235/100/0/threaded" + }, + { + "name": "TA07-100A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-100A.html" + }, + { + "name": "23337", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23337" + }, + { + "name": "SSRT071365", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/466331/100/200/threaded" + }, + { + "name": "http://secunia.com/secunia_research/2006-74/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2006-74/advisory/" + }, + { + "name": "oval:org.mitre.oval:def:2034", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2034" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1592.json b/2007/1xxx/CVE-2007-1592.json index b475a224121..128f467085f 100644 --- a/2007/1xxx/CVE-2007-1592.json +++ b/2007/1xxx/CVE-2007-1592.json @@ -1,247 +1,247 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1592", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1592", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[linux-netdev] 20070316 [PATCH 2.6.21-rc3] IPV6: ipv6_fl_socklist is inadvertently shared.", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=linux-netdev&m=117406721731891&w=2" - }, - { - "name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478", - "refsource" : "MISC", - "url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d35690beda1429544d46c8eb34b2e3a8c37ab299", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d35690beda1429544d46c8eb34b2e3a8c37ab299" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.4", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.4" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm" - }, - { - "name" : "DSA-1286", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1286" - }, - { - "name" : "DSA-1304", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1304" - }, - { - "name" : "DSA-1503", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1503" - }, - { - "name" : "MDKSA-2007:078", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:078" - }, - { - "name" : "MDVSA-2011:051", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051" - }, - { - "name" : "RHSA-2007:0347", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0347.html" - }, - { - "name" : "RHSA-2007:0436", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0436.html" - }, - { - "name" : "RHSA-2007:0673", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0673.html" - }, - { - "name" : "RHSA-2007:0672", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0672.html" - }, - { - "name" : "RHBA-2007-0304", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHBA-2007-0304.html" - }, - { - "name" : "SUSE-SA:2007:029", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html" - }, - { - "name" : "SUSE-SA:2007:030", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_30_kernel.html" - }, - { - "name" : "SUSE-SA:2007:035", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_35_kernel.html" - }, - { - "name" : "SUSE-SA:2007:043", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_43_kernel.html" - }, - { - "name" : "USN-464-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-464-1" - }, - { - "name" : "23104", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23104" - }, - { - "name" : "oval:org.mitre.oval:def:10130", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10130" - }, - { - "name" : "ADV-2007-1084", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1084" - }, - { - "name" : "24618", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24618" - }, - { - "name" : "24777", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24777" - }, - { - "name" : "25078", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25078" - }, - { - "name" : "25099", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25099" - }, - { - "name" : "25288", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25288" - }, - { - "name" : "25392", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25392" - }, - { - "name" : "25630", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25630" - }, - { - "name" : "25683", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25683" - }, - { - "name" : "25714", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25714" - }, - { - "name" : "25961", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25961" - }, - { - "name" : "26379", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26379" - }, - { - "name" : "25226", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25226" - }, - { - "name" : "27528", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27528" - }, - { - "name" : "29058", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29058" - }, - { - "name" : "kernel-tcpv6synrecvsoc-dos(33176)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33176" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2007:0436", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0436.html" + }, + { + "name": "DSA-1286", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1286" + }, + { + "name": "RHSA-2007:0347", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0347.html" + }, + { + "name": "[linux-netdev] 20070316 [PATCH 2.6.21-rc3] IPV6: ipv6_fl_socklist is inadvertently shared.", + "refsource": "MLIST", + "url": "http://marc.info/?l=linux-netdev&m=117406721731891&w=2" + }, + { + "name": "USN-464-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-464-1" + }, + { + "name": "SUSE-SA:2007:043", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html" + }, + { + "name": "MDKSA-2007:078", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:078" + }, + { + "name": "RHSA-2007:0673", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0673.html" + }, + { + "name": "24777", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24777" + }, + { + "name": "23104", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23104" + }, + { + "name": "27528", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27528" + }, + { + "name": "26379", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26379" + }, + { + "name": "25226", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25226" + }, + { + "name": "SUSE-SA:2007:029", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html" + }, + { + "name": "24618", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24618" + }, + { + "name": "25683", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25683" + }, + { + "name": "ADV-2007-1084", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1084" + }, + { + "name": "MDVSA-2011:051", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051" + }, + { + "name": "25288", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25288" + }, + { + "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478", + "refsource": "MISC", + "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478" + }, + { + "name": "RHSA-2007:0672", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0672.html" + }, + { + "name": "RHBA-2007-0304", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHBA-2007-0304.html" + }, + { + "name": "25099", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25099" + }, + { + "name": "25961", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25961" + }, + { + "name": "DSA-1503", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1503" + }, + { + "name": "25078", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25078" + }, + { + "name": "25392", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25392" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.4", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.4" + }, + { + "name": "SUSE-SA:2007:030", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_30_kernel.html" + }, + { + "name": "29058", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29058" + }, + { + "name": "DSA-1304", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1304" + }, + { + "name": "25630", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25630" + }, + { + "name": "25714", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25714" + }, + { + "name": "kernel-tcpv6synrecvsoc-dos(33176)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33176" + }, + { + "name": "SUSE-SA:2007:035", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_35_kernel.html" + }, + { + "name": "oval:org.mitre.oval:def:10130", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10130" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d35690beda1429544d46c8eb34b2e3a8c37ab299", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d35690beda1429544d46c8eb34b2e3a8c37ab299" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1598.json b/2007/1xxx/CVE-2007-1598.json index 9322b086b8b..fd1de79b8ac 100644 --- a/2007/1xxx/CVE-2007-1598.json +++ b/2007/1xxx/CVE-2007-1598.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1598", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in InterVations FileCOPA FTP Server 1.01 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by filecopa.tar by Immunity. NOTE: some of these details are obtained from third party information. NOTE: As of 20070322, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1598", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.immunitysec.com/partners-index.shtml", - "refsource" : "MISC", - "url" : "http://www.immunitysec.com/partners-index.shtml" - }, - { - "name" : "https://www.immunityinc.com/downloads/immpartners/filecopa.tar", - "refsource" : "MISC", - "url" : "https://www.immunityinc.com/downloads/immpartners/filecopa.tar" - }, - { - "name" : "23056", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23056" - }, - { - "name" : "43559", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43559" - }, - { - "name" : "filecopa-unspecified-bo(33462)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33462" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in InterVations FileCOPA FTP Server 1.01 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by filecopa.tar by Immunity. NOTE: some of these details are obtained from third party information. NOTE: As of 20070322, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23056", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23056" + }, + { + "name": "filecopa-unspecified-bo(33462)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33462" + }, + { + "name": "43559", + "refsource": "OSVDB", + "url": "http://osvdb.org/43559" + }, + { + "name": "http://www.immunitysec.com/partners-index.shtml", + "refsource": "MISC", + "url": "http://www.immunitysec.com/partners-index.shtml" + }, + { + "name": "https://www.immunityinc.com/downloads/immpartners/filecopa.tar", + "refsource": "MISC", + "url": "https://www.immunityinc.com/downloads/immpartners/filecopa.tar" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1723.json b/2007/1xxx/CVE-2007-1723.json index 34fb6c95083..0d81012fbfd 100644 --- a/2007/1xxx/CVE-2007-1723.json +++ b/2007/1xxx/CVE-2007-1723.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1723", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in the administration console in Secure Computing CipherTrust IronMail 6.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) network, (2) defRouterIp, (3) hostName, (4) domainName, (5) ipAddress, (6) defaultRouter, (7) dns1, or (8) dns2 parameter to (a) admin/system_IronMail.do; the (9) ipAddress parameter to (b) admin/systemOutOfBand.do; the (10) password or (11) confirmPassword parameter to (c) admin/systemBackup.do; the (12) Klicense parameter to (d) admin/systemLicenseManager.do; the (13) rows[1].attrValueStr or (14) rows[2].attrValueStr parameter to (e) admin/systemWebAdminConfig.do; the (15) rows[0].attrValueStr, rows[1].attrValueStr, (16) rows[2].attrValue, or (17) rows[2].attrValueStrClone parameter to (f) admin/ldap_ConfigureServiceProperties.do; the (18) input1 parameter to (g) admin/mailFirewall_MailRoutingInternal.do; or the (19) rows[2].attrValueStr, (20) rows[3].attrValueStr, (21) rows[5].attrValueStr, or (22) rows[6].attrValueStr parameter to (h) admin/mailIdsConfig.do." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1723", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070326 Multiple XSS in IronMail", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463827/100/0/threaded" - }, - { - "name" : "http://www.514.es/2007/03/siaadv07004_multiples_vulnerab.html", - "refsource" : "MISC", - "url" : "http://www.514.es/2007/03/siaadv07004_multiples_vulnerab.html" - }, - { - "name" : "ADV-2007-1164", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1164" - }, - { - "name" : "34526", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34526" - }, - { - "name" : "34527", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34527" - }, - { - "name" : "34528", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34528" - }, - { - "name" : "34529", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34529" - }, - { - "name" : "34530", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34530" - }, - { - "name" : "34531", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34531" - }, - { - "name" : "34532", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34532" - }, - { - "name" : "34533", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34533" - }, - { - "name" : "1017821", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017821" - }, - { - "name" : "24657", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24657" - }, - { - "name" : "2484", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2484" - }, - { - "name" : "ironmail-multiple-xss(33232)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33232" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in the administration console in Secure Computing CipherTrust IronMail 6.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) network, (2) defRouterIp, (3) hostName, (4) domainName, (5) ipAddress, (6) defaultRouter, (7) dns1, or (8) dns2 parameter to (a) admin/system_IronMail.do; the (9) ipAddress parameter to (b) admin/systemOutOfBand.do; the (10) password or (11) confirmPassword parameter to (c) admin/systemBackup.do; the (12) Klicense parameter to (d) admin/systemLicenseManager.do; the (13) rows[1].attrValueStr or (14) rows[2].attrValueStr parameter to (e) admin/systemWebAdminConfig.do; the (15) rows[0].attrValueStr, rows[1].attrValueStr, (16) rows[2].attrValue, or (17) rows[2].attrValueStrClone parameter to (f) admin/ldap_ConfigureServiceProperties.do; the (18) input1 parameter to (g) admin/mailFirewall_MailRoutingInternal.do; or the (19) rows[2].attrValueStr, (20) rows[3].attrValueStr, (21) rows[5].attrValueStr, or (22) rows[6].attrValueStr parameter to (h) admin/mailIdsConfig.do." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34528", + "refsource": "OSVDB", + "url": "http://osvdb.org/34528" + }, + { + "name": "34531", + "refsource": "OSVDB", + "url": "http://osvdb.org/34531" + }, + { + "name": "1017821", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017821" + }, + { + "name": "2484", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2484" + }, + { + "name": "34529", + "refsource": "OSVDB", + "url": "http://osvdb.org/34529" + }, + { + "name": "ADV-2007-1164", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1164" + }, + { + "name": "ironmail-multiple-xss(33232)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33232" + }, + { + "name": "20070326 Multiple XSS in IronMail", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463827/100/0/threaded" + }, + { + "name": "34530", + "refsource": "OSVDB", + "url": "http://osvdb.org/34530" + }, + { + "name": "34533", + "refsource": "OSVDB", + "url": "http://osvdb.org/34533" + }, + { + "name": "http://www.514.es/2007/03/siaadv07004_multiples_vulnerab.html", + "refsource": "MISC", + "url": "http://www.514.es/2007/03/siaadv07004_multiples_vulnerab.html" + }, + { + "name": "24657", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24657" + }, + { + "name": "34527", + "refsource": "OSVDB", + "url": "http://osvdb.org/34527" + }, + { + "name": "34532", + "refsource": "OSVDB", + "url": "http://osvdb.org/34532" + }, + { + "name": "34526", + "refsource": "OSVDB", + "url": "http://osvdb.org/34526" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4117.json b/2007/4xxx/CVE-2007-4117.json index 1a1c7a70103..04553249861 100644 --- a/2007/4xxx/CVE-2007-4117.json +++ b/2007/4xxx/CVE-2007-4117.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4117", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** PHP remote file inclusion vulnerability in index.php in phpWebFileManager 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the PN_PathPrefix parameter. NOTE: this issue is disputed by a reliable third party, who demonstrates that PN_PathPrefix is defined before use." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4117", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070730 phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475095/100/0/threaded" - }, - { - "name" : "20070731 WTF: phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-July/001744.html" - }, - { - "name" : "2940", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2940" - }, - { - "name" : "phpwebfilemanager-index-file-include(35690)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35690" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** PHP remote file inclusion vulnerability in index.php in phpWebFileManager 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the PN_PathPrefix parameter. NOTE: this issue is disputed by a reliable third party, who demonstrates that PN_PathPrefix is defined before use." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070731 WTF: phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-July/001744.html" + }, + { + "name": "phpwebfilemanager-index-file-include(35690)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35690" + }, + { + "name": "20070730 phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475095/100/0/threaded" + }, + { + "name": "2940", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2940" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5003.json b/2007/5xxx/CVE-2007-5003.json index 8a6aad67177..2be7f19e5ac 100644 --- a/2007/5xxx/CVE-2007-5003.json +++ b/2007/5xxx/CVE-2007-5003.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5003", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5003", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops", - "refsource" : "EEYE", - "url" : "http://research.eeye.com/html/advisories/published/AD20070920.html" - }, - { - "name" : "20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599" - }, - { - "name" : "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/480252/100/100/threaded" - }, - { - "name" : "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp", - "refsource" : "CONFIRM", - "url" : "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp" - }, - { - "name" : "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006", - "refsource" : "CONFIRM", - "url" : "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006" - }, - { - "name" : "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674", - "refsource" : "CONFIRM", - "url" : "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674" - }, - { - "name" : "24348", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24348" - }, - { - "name" : "1018728", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018728" - }, - { - "name" : "25606", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25606" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24348", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24348" + }, + { + "name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674", + "refsource": "CONFIRM", + "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674" + }, + { + "name": "25606", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25606" + }, + { + "name": "20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599" + }, + { + "name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006", + "refsource": "CONFIRM", + "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006" + }, + { + "name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded" + }, + { + "name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp", + "refsource": "CONFIRM", + "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp" + }, + { + "name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops", + "refsource": "EEYE", + "url": "http://research.eeye.com/html/advisories/published/AD20070920.html" + }, + { + "name": "1018728", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018728" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5026.json b/2007/5xxx/CVE-2007-5026.json index 5abbe3040a2..c7483022414 100644 --- a/2007/5xxx/CVE-2007-5026.json +++ b/2007/5xxx/CVE-2007-5026.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5026", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "dBlog CMS, probably 2.0, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing an admin password hash via a direct request for dblog.mdb." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5026", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070919 [waraxe-2007-SA#052] - dBlog CMS Open Source database retrieval", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/479969/100/0/threaded" - }, - { - "name" : "http://www.waraxe.us/advisory-52.html", - "refsource" : "MISC", - "url" : "http://www.waraxe.us/advisory-52.html" - }, - { - "name" : "43970", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43970" - }, - { - "name" : "3156", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3156" - }, - { - "name" : "dblog-dblog-information-disclosure(36703)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36703" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "dBlog CMS, probably 2.0, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing an admin password hash via a direct request for dblog.mdb." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3156", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3156" + }, + { + "name": "43970", + "refsource": "OSVDB", + "url": "http://osvdb.org/43970" + }, + { + "name": "20070919 [waraxe-2007-SA#052] - dBlog CMS Open Source database retrieval", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/479969/100/0/threaded" + }, + { + "name": "dblog-dblog-information-disclosure(36703)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36703" + }, + { + "name": "http://www.waraxe.us/advisory-52.html", + "refsource": "MISC", + "url": "http://www.waraxe.us/advisory-52.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5199.json b/2007/5xxx/CVE-2007-5199.json index c32a1f2d022..40d8a365f19 100644 --- a/2007/5xxx/CVE-2007-5199.json +++ b/2007/5xxx/CVE-2007-5199.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5199", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5199", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.suse.com/show_bug.cgi?id=327854", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.suse.com/show_bug.cgi?id=327854" - }, - { - "name" : "https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=5bf703700ee4a5d6eae20da07cb7a29369667aef", - "refsource" : "CONFIRM", - "url" : "https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=5bf703700ee4a5d6eae20da07cb7a29369667aef" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.suse.com/show_bug.cgi?id=327854", + "refsource": "CONFIRM", + "url": "https://bugzilla.suse.com/show_bug.cgi?id=327854" + }, + { + "name": "https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=5bf703700ee4a5d6eae20da07cb7a29369667aef", + "refsource": "CONFIRM", + "url": "https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=5bf703700ee4a5d6eae20da07cb7a29369667aef" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5433.json b/2007/5xxx/CVE-2007-5433.json index 1bd3ac5c655..2f6bf39b37c 100644 --- a/2007/5xxx/CVE-2007-5433.json +++ b/2007/5xxx/CVE-2007-5433.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5433", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Site-Up 2.64 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) search or (2) search mask field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5433", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071010 Vulnerabilities digest", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482006/100/0/threaded" - }, - { - "name" : "http://securityvulns.ru/Sdocument12.html", - "refsource" : "MISC", - "url" : "http://securityvulns.ru/Sdocument12.html" - }, - { - "name" : "http://websecurity.com.ua/1210/", - "refsource" : "MISC", - "url" : "http://websecurity.com.ua/1210/" - }, - { - "name" : "26040", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26040" - }, - { - "name" : "42477", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42477" - }, - { - "name" : "3216", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3216" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Site-Up 2.64 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) search or (2) search mask field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26040", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26040" + }, + { + "name": "http://websecurity.com.ua/1210/", + "refsource": "MISC", + "url": "http://websecurity.com.ua/1210/" + }, + { + "name": "http://securityvulns.ru/Sdocument12.html", + "refsource": "MISC", + "url": "http://securityvulns.ru/Sdocument12.html" + }, + { + "name": "20071010 Vulnerabilities digest", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded" + }, + { + "name": "42477", + "refsource": "OSVDB", + "url": "http://osvdb.org/42477" + }, + { + "name": "3216", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3216" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3326.json b/2015/3xxx/CVE-2015-3326.json index 030c0f89e70..86980ce5bbb 100644 --- a/2015/3xxx/CVE-2015-3326.json +++ b/2015/3xxx/CVE-2015-3326.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3326", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates session IDs for the web console using a random number generator with predictable values, which makes it easier for remote attackers to bypass authentication via a brute force attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3326", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html", - "refsource" : "MISC", - "url" : "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html" - }, - { - "name" : "http://esupport.trendmicro.com/solution/en-US/1109669.aspx", - "refsource" : "CONFIRM", - "url" : "http://esupport.trendmicro.com/solution/en-US/1109669.aspx" - }, - { - "name" : "74661", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74661" - }, - { - "name" : "1032323", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032323" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates session IDs for the web console using a random number generator with predictable values, which makes it easier for remote attackers to bypass authentication via a brute force attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://esupport.trendmicro.com/solution/en-US/1109669.aspx", + "refsource": "CONFIRM", + "url": "http://esupport.trendmicro.com/solution/en-US/1109669.aspx" + }, + { + "name": "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html", + "refsource": "MISC", + "url": "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html" + }, + { + "name": "74661", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74661" + }, + { + "name": "1032323", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032323" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3758.json b/2015/3xxx/CVE-2015-3758.json index 9f2cbbb7746..7bbcb578778 100644 --- a/2015/3xxx/CVE-2015-3758.json +++ b/2015/3xxx/CVE-2015-3758.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3758", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3758", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/kb/HT205030", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205030" - }, - { - "name" : "APPLE-SA-2015-08-13-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" - }, - { - "name" : "76337", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76337" - }, - { - "name" : "1033275", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033275" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/kb/HT205030", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205030" + }, + { + "name": "1033275", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033275" + }, + { + "name": "76337", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76337" + }, + { + "name": "APPLE-SA-2015-08-13-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6087.json b/2015/6xxx/CVE-2015-6087.json index c285c83132a..e8d284cc7c9 100644 --- a/2015/6xxx/CVE-2015-6087.json +++ b/2015/6xxx/CVE-2015-6087.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6087", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6066, CVE-2015-6070, CVE-2015-6071, CVE-2015-6074, and CVE-2015-6076." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6087", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-112", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" - }, - { - "name" : "1034112", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034112" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6066, CVE-2015-6070, CVE-2015-6071, CVE-2015-6074, and CVE-2015-6076." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034112", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034112" + }, + { + "name": "MS15-112", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6914.json b/2015/6xxx/CVE-2015-6914.json index 45efb1f979f..311bb234419 100644 --- a/2015/6xxx/CVE-2015-6914.json +++ b/2015/6xxx/CVE-2015-6914.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6914", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Absolute path traversal vulnerability in SiteFactory CMS 5.5.9 allows remote attackers to read arbitrary files via a full pathname in the file parameter to assets/download.aspx." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6914", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/133251/SiteFactory-CMS-5.5.9-Directory-Traversal.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133251/SiteFactory-CMS-5.5.9-Directory-Traversal.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Absolute path traversal vulnerability in SiteFactory CMS 5.5.9 allows remote attackers to read arbitrary files via a full pathname in the file parameter to assets/download.aspx." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/133251/SiteFactory-CMS-5.5.9-Directory-Traversal.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133251/SiteFactory-CMS-5.5.9-Directory-Traversal.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7057.json b/2015/7xxx/CVE-2015-7057.json index 982b35ff5ff..6584c310a74 100644 --- a/2015/7xxx/CVE-2015-7057.json +++ b/2015/7xxx/CVE-2015-7057.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7057", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7057", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205642", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205642" - }, - { - "name" : "APPLE-SA-2015-12-08-6", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html" - }, - { - "name" : "1034340", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034340" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205642", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205642" + }, + { + "name": "APPLE-SA-2015-12-08-6", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html" + }, + { + "name": "1034340", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034340" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7258.json b/2015/7xxx/CVE-2015-7258.json index 8596ea7d7bd..0079229da00 100644 --- a/2015/7xxx/CVE-2015-7258.json +++ b/2015/7xxx/CVE-2015-7258.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7258", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated users to obtain user passwords by displaying user information in a Telnet connection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-7258", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38772", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38772/" - }, - { - "name" : "20151114 ZTE ADSL modems - Multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Nov/48" - }, - { - "name" : "http://packetstormsecurity.com/files/134336/ZTE-ADSL-Authorization-Bypass-Information-Disclosure.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134336/ZTE-ADSL-Authorization-Bypass-Information-Disclosure.html" - }, - { - "name" : "http://packetstormsecurity.com/files/134493/ZTE-ADSL-ZXV10-W300-Authorization-Disclosure-Backdoor.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134493/ZTE-ADSL-ZXV10-W300-Authorization-Disclosure-Backdoor.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated users to obtain user passwords by displaying user information in a Telnet connection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38772", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38772/" + }, + { + "name": "20151114 ZTE ADSL modems - Multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Nov/48" + }, + { + "name": "http://packetstormsecurity.com/files/134493/ZTE-ADSL-ZXV10-W300-Authorization-Disclosure-Backdoor.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134493/ZTE-ADSL-ZXV10-W300-Authorization-Disclosure-Backdoor.html" + }, + { + "name": "http://packetstormsecurity.com/files/134336/ZTE-ADSL-Authorization-Bypass-Information-Disclosure.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134336/ZTE-ADSL-Authorization-Bypass-Information-Disclosure.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7484.json b/2015/7xxx/CVE-2015-7484.json index 12a48e2fea3..937b16c0ab9 100644 --- a/2015/7xxx/CVE-2015-7484.json +++ b/2015/7xxx/CVE-2015-7484.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7484", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authenticated users with access to lifecycle projects to obtain sensitive information by sending a crafted URL to the Lifecycle Query Engine. IBM X-Force ID: 108619." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-7484", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983720", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983720" - }, - { - "name" : "ibm-relm-cve20157484-info-disc(108619)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/108619" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authenticated users with access to lifecycle projects to obtain sensitive information by sending a crafted URL to the Lifecycle Query Engine. IBM X-Force ID: 108619." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ibm-relm-cve20157484-info-disc(108619)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108619" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7957.json b/2015/7xxx/CVE-2015-7957.json index 97a4ee6e7cc..7c86bbffb15 100644 --- a/2015/7xxx/CVE-2015-7957.json +++ b/2015/7xxx/CVE-2015-7957.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7957", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7957", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8352.json b/2015/8xxx/CVE-2015-8352.json index 17b666a9f7d..97c61ea3b3b 100644 --- a/2015/8xxx/CVE-2015-8352.json +++ b/2015/8xxx/CVE-2015-8352.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8352", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8352", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151216 RCE in Zen Cart via Arbitrary File Inclusion", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537129/100/0/threaded" - }, - { - "name" : "39017", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39017/" - }, - { - "name" : "https://www.htbridge.com/advisory/HTB23282", - "refsource" : "MISC", - "url" : "https://www.htbridge.com/advisory/HTB23282" - }, - { - "name" : "https://www.zen-cart.com/showthread.php?218914-Security-Patches-for-v1-5-4-November-2015", - "refsource" : "CONFIRM", - "url" : "https://www.zen-cart.com/showthread.php?218914-Security-Patches-for-v1-5-4-November-2015" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.htbridge.com/advisory/HTB23282", + "refsource": "MISC", + "url": "https://www.htbridge.com/advisory/HTB23282" + }, + { + "name": "39017", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39017/" + }, + { + "name": "20151216 RCE in Zen Cart via Arbitrary File Inclusion", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537129/100/0/threaded" + }, + { + "name": "https://www.zen-cart.com/showthread.php?218914-Security-Patches-for-v1-5-4-November-2015", + "refsource": "CONFIRM", + "url": "https://www.zen-cart.com/showthread.php?218914-Security-Patches-for-v1-5-4-November-2015" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8473.json b/2015/8xxx/CVE-2015-8473.json index 470d63b3c75..e79c4faedbf 100644 --- a/2015/8xxx/CVE-2015-8473.json +++ b/2015/8xxx/CVE-2015-8473.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8473", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Issues API in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote authenticated users to obtain sensitive information in changeset messages by leveraging permission to read issues with related changesets from other projects." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8473", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/redmine/redmine/commit/8d8f612fa368a72c56b63f7ce6b7e98cab9feb22", - "refsource" : "CONFIRM", - "url" : "https://github.com/redmine/redmine/commit/8d8f612fa368a72c56b63f7ce6b7e98cab9feb22" - }, - { - "name" : "https://www.redmine.org/issues/21136", - "refsource" : "CONFIRM", - "url" : "https://www.redmine.org/issues/21136" - }, - { - "name" : "https://www.redmine.org/projects/redmine/wiki/Changelog_3_0", - "refsource" : "CONFIRM", - "url" : "https://www.redmine.org/projects/redmine/wiki/Changelog_3_0" - }, - { - "name" : "https://www.redmine.org/projects/redmine/wiki/Changelog_3_1", - "refsource" : "CONFIRM", - "url" : "https://www.redmine.org/projects/redmine/wiki/Changelog_3_1" - }, - { - "name" : "https://www.redmine.org/versions/105", - "refsource" : "CONFIRM", - "url" : "https://www.redmine.org/versions/105" - }, - { - "name" : "DSA-3529", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3529" - }, - { - "name" : "78621", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78621" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Issues API in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote authenticated users to obtain sensitive information in changeset messages by leveraging permission to read issues with related changesets from other projects." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "78621", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78621" + }, + { + "name": "https://www.redmine.org/projects/redmine/wiki/Changelog_3_0", + "refsource": "CONFIRM", + "url": "https://www.redmine.org/projects/redmine/wiki/Changelog_3_0" + }, + { + "name": "https://www.redmine.org/issues/21136", + "refsource": "CONFIRM", + "url": "https://www.redmine.org/issues/21136" + }, + { + "name": "https://www.redmine.org/versions/105", + "refsource": "CONFIRM", + "url": "https://www.redmine.org/versions/105" + }, + { + "name": "https://www.redmine.org/projects/redmine/wiki/Changelog_3_1", + "refsource": "CONFIRM", + "url": "https://www.redmine.org/projects/redmine/wiki/Changelog_3_1" + }, + { + "name": "DSA-3529", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3529" + }, + { + "name": "https://github.com/redmine/redmine/commit/8d8f612fa368a72c56b63f7ce6b7e98cab9feb22", + "refsource": "CONFIRM", + "url": "https://github.com/redmine/redmine/commit/8d8f612fa368a72c56b63f7ce6b7e98cab9feb22" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8650.json b/2015/8xxx/CVE-2015-8650.json index d97d8074035..34b45ad9c97 100644 --- a/2015/8xxx/CVE-2015-8650.json +++ b/2015/8xxx/CVE-2015-8650.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8650", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, and CVE-2015-8649." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8650", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-651", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-651" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" - }, - { - "name" : "GLSA-201601-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201601-03" - }, - { - "name" : "RHSA-2015:2697", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2697.html" - }, - { - "name" : "SUSE-SU-2015:2401", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html" - }, - { - "name" : "SUSE-SU-2015:2402", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html" - }, - { - "name" : "openSUSE-SU-2015:2400", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html" - }, - { - "name" : "openSUSE-SU-2015:2403", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html" - }, - { - "name" : "79701", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79701" - }, - { - "name" : "1034544", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034544" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, and CVE-2015-8649." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:2403", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html" + }, + { + "name": "1034544", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034544" + }, + { + "name": "RHSA-2015:2697", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html" + }, + { + "name": "SUSE-SU-2015:2401", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" + }, + { + "name": "SUSE-SU-2015:2402", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html" + }, + { + "name": "79701", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79701" + }, + { + "name": "openSUSE-SU-2015:2400", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html" + }, + { + "name": "GLSA-201601-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201601-03" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-651", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-651" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8741.json b/2015/8xxx/CVE-2015-8741.json index 6fb9ea91bd8..667071b91ee 100644 --- a/2015/8xxx/CVE-2015-8741.json +++ b/2015/8xxx/CVE-2015-8741.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8741", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8741", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-59.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-59.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11876", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11876" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2290eba5cb25f927f9142680193ac1158d35506e", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2290eba5cb25f927f9142680193ac1158d35506e" - }, - { - "name" : "GLSA-201604-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-05" - }, - { - "name" : "1034551", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034551" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-59.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-59.html" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2290eba5cb25f927f9142680193ac1158d35506e", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2290eba5cb25f927f9142680193ac1158d35506e" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11876", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11876" + }, + { + "name": "GLSA-201604-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-05" + }, + { + "name": "1034551", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034551" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0154.json b/2016/0xxx/CVE-2016-0154.json index 3367982c99d..5bc81193e04 100644 --- a/2016/0xxx/CVE-2016-0154.json +++ b/2016/0xxx/CVE-2016-0154.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0154", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0154", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-037", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037" - }, - { - "name" : "MS16-038", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-038" - }, - { - "name" : "1035521", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035521" - }, - { - "name" : "1035522", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035522" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035521", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035521" + }, + { + "name": "MS16-037", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037" + }, + { + "name": "1035522", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035522" + }, + { + "name": "MS16-038", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-038" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0199.json b/2016/0xxx/CVE-2016-0199.json index 97fccd9a103..dcf971016f9 100644 --- a/2016/0xxx/CVE-2016-0199.json +++ b/2016/0xxx/CVE-2016-0199.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0199", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0200 and CVE-2016-3211." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0199", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160614 Microsoft Internet Explorer 11 Garbage Collector Attribute Type Confusion Vulnerability", - "refsource" : "IDEFENSE", - "url" : "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1226" - }, - { - "name" : "20160617 CVE-2016-0199 / MS16-063: MSIE 11 garbage collector attribute type confusion", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/538706/100/0/threaded" - }, - { - "name" : "39994", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39994/" - }, - { - "name" : "20160618 CVE-2016-0199 / MS16-063: MSIE 11 garbage collector attribute type confusion", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Jun/44" - }, - { - "name" : "http://packetstormsecurity.com/files/137533/Microsoft-Internet-Explorer-11-Garbage-Collector-Attribute-Type-Confusion.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/137533/Microsoft-Internet-Explorer-11-Garbage-Collector-Attribute-Type-Confusion.html" - }, - { - "name" : "MS16-063", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063" - }, - { - "name" : "1036096", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036096" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0200 and CVE-2016-3211." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/137533/Microsoft-Internet-Explorer-11-Garbage-Collector-Attribute-Type-Confusion.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/137533/Microsoft-Internet-Explorer-11-Garbage-Collector-Attribute-Type-Confusion.html" + }, + { + "name": "MS16-063", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063" + }, + { + "name": "20160614 Microsoft Internet Explorer 11 Garbage Collector Attribute Type Confusion Vulnerability", + "refsource": "IDEFENSE", + "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1226" + }, + { + "name": "39994", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39994/" + }, + { + "name": "20160617 CVE-2016-0199 / MS16-063: MSIE 11 garbage collector attribute type confusion", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/538706/100/0/threaded" + }, + { + "name": "1036096", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036096" + }, + { + "name": "20160618 CVE-2016-0199 / MS16-063: MSIE 11 garbage collector attribute type confusion", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Jun/44" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0638.json b/2016/0xxx/CVE-2016-0638.json index 35812518992..3f033f53f37 100644 --- a/2016/0xxx/CVE-2016-0638.json +++ b/2016/0xxx/CVE-2016-0638.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0638", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Messaging Service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0638", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.tenable.com/security/research/tra-2016-09", - "refsource" : "MISC", - "url" : "https://www.tenable.com/security/research/tra-2016-09" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "1035615", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035615" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Messaging Service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.tenable.com/security/research/tra-2016-09", + "refsource": "MISC", + "url": "https://www.tenable.com/security/research/tra-2016-09" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + }, + { + "name": "1035615", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035615" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0708.json b/2016/0xxx/CVE-2016-0708.json index b71d2360b69..2544fbdd256 100644 --- a/2016/0xxx/CVE-2016-0708.json +++ b/2016/0xxx/CVE-2016-0708.json @@ -1,65 +1,65 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security_alert@emc.com", - "ID" : "CVE-2016-0708", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cloud Foundry", - "version" : { - "version_data" : [ - { - "version_value" : "versions v166 through v227" - } - ] - } - } - ] - }, - "vendor_name" : "Cloud Foundry" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. For applications to be vulnerable, they must have been staged using automatic buildpack detection, passed through the Java Buildpack detection script, and allow the serving of static content from within the deployed artifact. The default Apache Tomcat configuration in the affected java buildpack versions for some basic web application archive (WAR) packaged applications are vulnerable to this issue." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2016-0708", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cloud Foundry", + "version": { + "version_data": [ + { + "version_value": "versions v166 through v227" + } + ] + } + } + ] + }, + "vendor_name": "Cloud Foundry" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.cloudfoundry.org/blog/cve-2016-0708/", - "refsource" : "CONFIRM", - "url" : "https://www.cloudfoundry.org/blog/cve-2016-0708/" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. For applications to be vulnerable, they must have been staged using automatic buildpack detection, passed through the Java Buildpack detection script, and allow the serving of static content from within the deployed artifact. The default Apache Tomcat configuration in the affected java buildpack versions for some basic web application archive (WAR) packaged applications are vulnerable to this issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.cloudfoundry.org/blog/cve-2016-0708/", + "refsource": "CONFIRM", + "url": "https://www.cloudfoundry.org/blog/cve-2016-0708/" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1160.json b/2016/1xxx/CVE-2016-1160.json index aeed567200d..048ddc020f7 100644 --- a/2016/1xxx/CVE-2016-1160.json +++ b/2016/1xxx/CVE-2016-1160.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1160", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the WP Favorite Posts plugin before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1160", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://wordpress.org/plugins/wp-favorite-posts/changelog/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/plugins/wp-favorite-posts/changelog/" - }, - { - "name" : "JVN#86517621", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN86517621/index.html" - }, - { - "name" : "JVNDB-2016-000034", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000034" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the WP Favorite Posts plugin before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000034", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000034" + }, + { + "name": "JVN#86517621", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN86517621/index.html" + }, + { + "name": "https://wordpress.org/plugins/wp-favorite-posts/changelog/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/plugins/wp-favorite-posts/changelog/" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1415.json b/2016/1xxx/CVE-2016-1415.json index e7e4072543c..9c2dfcb20cf 100644 --- a/2016/1xxx/CVE-2016-1415.json +++ b/2016/1xxx/CVE-2016-1415.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1415", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted file, aka Bug ID CSCuz80455." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1415", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40509", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40509/" - }, - { - "name" : "20160831 Cisco WebEx Meetings Player Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-webex" - }, - { - "name" : "92711", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92711" - }, - { - "name" : "1036713", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036713" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted file, aka Bug ID CSCuz80455." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160831 Cisco WebEx Meetings Player Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-webex" + }, + { + "name": "1036713", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036713" + }, + { + "name": "92711", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92711" + }, + { + "name": "40509", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40509/" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1705.json b/2016/1xxx/CVE-2016-1705.json index 5680adb0245..554b7302ce3 100644 --- a/2016/1xxx/CVE-2016-1705.json +++ b/2016/1xxx/CVE-2016-1705.json @@ -1,212 +1,212 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1705", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1705", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://crbug.com/590619", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/590619" - }, - { - "name" : "http://crbug.com/599458", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/599458" - }, - { - "name" : "http://crbug.com/600953", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/600953" - }, - { - "name" : "http://crbug.com/609286", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/609286" - }, - { - "name" : "http://crbug.com/611959", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/611959" - }, - { - "name" : "http://crbug.com/612939", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/612939" - }, - { - "name" : "http://crbug.com/613869", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/613869" - }, - { - "name" : "http://crbug.com/613971", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/613971" - }, - { - "name" : "http://crbug.com/614405", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/614405" - }, - { - "name" : "http://crbug.com/614701", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/614701" - }, - { - "name" : "http://crbug.com/614989", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/614989" - }, - { - "name" : "http://crbug.com/615820", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/615820" - }, - { - "name" : "http://crbug.com/619378", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/619378" - }, - { - "name" : "http://crbug.com/619382", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/619382" - }, - { - "name" : "http://crbug.com/620694", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/620694" - }, - { - "name" : "http://crbug.com/620737", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/620737" - }, - { - "name" : "http://crbug.com/620858", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/620858" - }, - { - "name" : "http://crbug.com/620952", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/620952" - }, - { - "name" : "http://crbug.com/621843", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/621843" - }, - { - "name" : "http://crbug.com/622522", - "refsource" : "CONFIRM", - "url" : "http://crbug.com/622522" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html" - }, - { - "name" : "https://crbug.com/629852", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/629852" - }, - { - "name" : "DSA-3637", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3637" - }, - { - "name" : "RHSA-2016:1485", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1485.html" - }, - { - "name" : "openSUSE-SU-2016:1865", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html" - }, - { - "name" : "openSUSE-SU-2016:1868", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html" - }, - { - "name" : "openSUSE-SU-2016:1869", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html" - }, - { - "name" : "openSUSE-SU-2016:1918", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html" - }, - { - "name" : "USN-3041-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3041-1" - }, - { - "name" : "92053", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92053" - }, - { - "name" : "1036428", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036428" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:1868", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html" + }, + { + "name": "http://crbug.com/612939", + "refsource": "CONFIRM", + "url": "http://crbug.com/612939" + }, + { + "name": "http://crbug.com/600953", + "refsource": "CONFIRM", + "url": "http://crbug.com/600953" + }, + { + "name": "openSUSE-SU-2016:1869", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html" + }, + { + "name": "http://crbug.com/614989", + "refsource": "CONFIRM", + "url": "http://crbug.com/614989" + }, + { + "name": "92053", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92053" + }, + { + "name": "http://crbug.com/613869", + "refsource": "CONFIRM", + "url": "http://crbug.com/613869" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html" + }, + { + "name": "http://crbug.com/620737", + "refsource": "CONFIRM", + "url": "http://crbug.com/620737" + }, + { + "name": "http://crbug.com/622522", + "refsource": "CONFIRM", + "url": "http://crbug.com/622522" + }, + { + "name": "http://crbug.com/621843", + "refsource": "CONFIRM", + "url": "http://crbug.com/621843" + }, + { + "name": "http://crbug.com/614701", + "refsource": "CONFIRM", + "url": "http://crbug.com/614701" + }, + { + "name": "http://crbug.com/609286", + "refsource": "CONFIRM", + "url": "http://crbug.com/609286" + }, + { + "name": "USN-3041-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3041-1" + }, + { + "name": "http://crbug.com/619378", + "refsource": "CONFIRM", + "url": "http://crbug.com/619378" + }, + { + "name": "openSUSE-SU-2016:1918", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html" + }, + { + "name": "http://crbug.com/615820", + "refsource": "CONFIRM", + "url": "http://crbug.com/615820" + }, + { + "name": "http://crbug.com/619382", + "refsource": "CONFIRM", + "url": "http://crbug.com/619382" + }, + { + "name": "http://crbug.com/613971", + "refsource": "CONFIRM", + "url": "http://crbug.com/613971" + }, + { + "name": "https://crbug.com/629852", + "refsource": "CONFIRM", + "url": "https://crbug.com/629852" + }, + { + "name": "http://crbug.com/614405", + "refsource": "CONFIRM", + "url": "http://crbug.com/614405" + }, + { + "name": "http://crbug.com/590619", + "refsource": "CONFIRM", + "url": "http://crbug.com/590619" + }, + { + "name": "http://crbug.com/599458", + "refsource": "CONFIRM", + "url": "http://crbug.com/599458" + }, + { + "name": "openSUSE-SU-2016:1865", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html" + }, + { + "name": "http://crbug.com/620952", + "refsource": "CONFIRM", + "url": "http://crbug.com/620952" + }, + { + "name": "http://crbug.com/611959", + "refsource": "CONFIRM", + "url": "http://crbug.com/611959" + }, + { + "name": "RHSA-2016:1485", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1485.html" + }, + { + "name": "http://crbug.com/620694", + "refsource": "CONFIRM", + "url": "http://crbug.com/620694" + }, + { + "name": "1036428", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036428" + }, + { + "name": "DSA-3637", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3637" + }, + { + "name": "http://crbug.com/620858", + "refsource": "CONFIRM", + "url": "http://crbug.com/620858" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1717.json b/2016/1xxx/CVE-2016-1717.json index 33195d6a4dc..4df432b5ddd 100644 --- a/2016/1xxx/CVE-2016-1717.json +++ b/2016/1xxx/CVE-2016-1717.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1717", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1717", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205729", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205729" - }, - { - "name" : "https://support.apple.com/HT205731", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205731" - }, - { - "name" : "https://support.apple.com/HT205732", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205732" - }, - { - "name" : "https://support.apple.com/HT206168", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206168" - }, - { - "name" : "APPLE-SA-2016-01-19-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-01-19-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html" - }, - { - "name" : "APPLE-SA-2016-01-25-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html" - }, - { - "name" : "APPLE-SA-2016-03-21-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" - }, - { - "name" : "1034736", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034736" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT206168", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206168" + }, + { + "name": "https://support.apple.com/HT205731", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205731" + }, + { + "name": "https://support.apple.com/HT205729", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205729" + }, + { + "name": "APPLE-SA-2016-01-25-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html" + }, + { + "name": "1034736", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034736" + }, + { + "name": "APPLE-SA-2016-01-19-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html" + }, + { + "name": "APPLE-SA-2016-03-21-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" + }, + { + "name": "APPLE-SA-2016-01-19-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html" + }, + { + "name": "https://support.apple.com/HT205732", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205732" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1925.json b/2016/1xxx/CVE-2016-1925.json index 0f46055b766..f5b211dea0e 100644 --- a/2016/1xxx/CVE-2016-1925.json +++ b/2016/1xxx/CVE-2016-1925.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1925", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer underflow in header.c in lha allows remote attackers to have unspecified impact via a large header size value for the (1) level0 or (2) level1 header in a lha archive, which triggers a buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1925", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160118 Buffer Overflow in lha compression utility", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/18/3" - }, - { - "name" : "[oss-security] 20160118 Re: Buffer Overflow in lha compression utility", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/18/8" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer underflow in header.c in lha allows remote attackers to have unspecified impact via a large header size value for the (1) level0 or (2) level1 header in a lha archive, which triggers a buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160118 Re: Buffer Overflow in lha compression utility", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/18/8" + }, + { + "name": "[oss-security] 20160118 Buffer Overflow in lha compression utility", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/18/3" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5409.json b/2016/5xxx/CVE-2016-5409.json index 599ccb36913..6d9a379fd03 100644 --- a/2016/5xxx/CVE-2016-5409.json +++ b/2016/5xxx/CVE-2016-5409.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-5409", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-5409", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1366461", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1366461" - }, - { - "name" : "97988", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97988" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1366461", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1366461" + }, + { + "name": "97988", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97988" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5430.json b/2016/5xxx/CVE-2016-5430.json index 82148da9c29..a1315315f8e 100644 --- a/2016/5xxx/CVE-2016-5430.json +++ b/2016/5xxx/CVE-2016-5430.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-5430", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The RSA 1.5 algorithm implementation in the JOSE_JWE class in JWE.php in jose-php before 2.2.1 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack (MMA)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-5430", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/nov/jose-php/commit/f03b986b4439e20b0fd635109b48afe96cf0099b#diff-37b0d289d6375ba4a7740401950ccdd6R199", - "refsource" : "CONFIRM", - "url" : "https://github.com/nov/jose-php/commit/f03b986b4439e20b0fd635109b48afe96cf0099b#diff-37b0d289d6375ba4a7740401950ccdd6R199" - }, - { - "name" : "92741", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92741" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The RSA 1.5 algorithm implementation in the JOSE_JWE class in JWE.php in jose-php before 2.2.1 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack (MMA)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "92741", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92741" + }, + { + "name": "https://github.com/nov/jose-php/commit/f03b986b4439e20b0fd635109b48afe96cf0099b#diff-37b0d289d6375ba4a7740401950ccdd6R199", + "refsource": "CONFIRM", + "url": "https://github.com/nov/jose-php/commit/f03b986b4439e20b0fd635109b48afe96cf0099b#diff-37b0d289d6375ba4a7740401950ccdd6R199" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5780.json b/2016/5xxx/CVE-2016-5780.json index 5c0f9d56292..10e08c9b417 100644 --- a/2016/5xxx/CVE-2016-5780.json +++ b/2016/5xxx/CVE-2016-5780.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5780", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5780", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5869.json b/2016/5xxx/CVE-2016-5869.json index 70693fb7207..8c49c9d5208 100644 --- a/2016/5xxx/CVE-2016-5869.json +++ b/2016/5xxx/CVE-2016-5869.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5869", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5869", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5988.json b/2016/5xxx/CVE-2016-5988.json index c4d1eb5b089..6832fb4f724 100644 --- a/2016/5xxx/CVE-2016-5988.json +++ b/2016/5xxx/CVE-2016-5988.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-5988", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Privileged Identity Manager", - "version" : { - "version_data" : [ - { - "version_value" : "1.0.1" - }, - { - "version_value" : "1.0.1.1" - }, - { - "version_value" : "2.0.0" - }, - { - "version_value" : "2.0.1" - }, - { - "version_value" : "2.0.2" - }, - { - "version_value" : "2.1.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Privileged Identity Manager Virtual Appliance could disclose sensitive information in generated error messages that would be available to an authenticated user." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-5988", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Privileged Identity Manager", + "version": { + "version_data": [ + { + "version_value": "1.0.1" + }, + { + "version_value": "1.0.1.1" + }, + { + "version_value": "2.0.0" + }, + { + "version_value": "2.0.1" + }, + { + "version_value": "2.0.2" + }, + { + "version_value": "2.1.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21996614", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21996614" - }, - { - "name" : "95198", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95198" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Privileged Identity Manager Virtual Appliance could disclose sensitive information in generated error messages that would be available to an authenticated user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21996614", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21996614" + }, + { + "name": "95198", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95198" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0638.json b/2019/0xxx/CVE-2019-0638.json index d2ce0dca4ba..92ed5438189 100644 --- a/2019/0xxx/CVE-2019-0638.json +++ b/2019/0xxx/CVE-2019-0638.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0638", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0638", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0795.json b/2019/0xxx/CVE-2019-0795.json index a51c63bf396..263358b8de3 100644 --- a/2019/0xxx/CVE-2019-0795.json +++ b/2019/0xxx/CVE-2019-0795.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0795", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0795", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0913.json b/2019/0xxx/CVE-2019-0913.json index 267d4a1a9ac..4986f90918f 100644 --- a/2019/0xxx/CVE-2019-0913.json +++ b/2019/0xxx/CVE-2019-0913.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0913", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0913", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1213.json b/2019/1xxx/CVE-2019-1213.json index b0eaa1b094d..af7a95c10e9 100644 --- a/2019/1xxx/CVE-2019-1213.json +++ b/2019/1xxx/CVE-2019-1213.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1213", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1213", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1533.json b/2019/1xxx/CVE-2019-1533.json index 58dbbffb2ae..d013a451455 100644 --- a/2019/1xxx/CVE-2019-1533.json +++ b/2019/1xxx/CVE-2019-1533.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1533", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1533", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1560.json b/2019/1xxx/CVE-2019-1560.json index 9e16f938615..684c9b595c4 100644 --- a/2019/1xxx/CVE-2019-1560.json +++ b/2019/1xxx/CVE-2019-1560.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1560", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1560", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1780.json b/2019/1xxx/CVE-2019-1780.json index 6a5aba31747..daf4cca0e44 100644 --- a/2019/1xxx/CVE-2019-1780.json +++ b/2019/1xxx/CVE-2019-1780.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1780", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1780", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3077.json b/2019/3xxx/CVE-2019-3077.json index 0416125b078..aac07b41419 100644 --- a/2019/3xxx/CVE-2019-3077.json +++ b/2019/3xxx/CVE-2019-3077.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3077", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3077", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3180.json b/2019/3xxx/CVE-2019-3180.json index 59066c38ed6..5d2411c13e6 100644 --- a/2019/3xxx/CVE-2019-3180.json +++ b/2019/3xxx/CVE-2019-3180.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3180", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3180", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4445.json b/2019/4xxx/CVE-2019-4445.json index 601ec6a8dbc..a39be9df0de 100644 --- a/2019/4xxx/CVE-2019-4445.json +++ b/2019/4xxx/CVE-2019-4445.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4445", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4445", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4607.json b/2019/4xxx/CVE-2019-4607.json index faa446be9c5..0892196fe9f 100644 --- a/2019/4xxx/CVE-2019-4607.json +++ b/2019/4xxx/CVE-2019-4607.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4607", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4607", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4896.json b/2019/4xxx/CVE-2019-4896.json index 063167d3436..6b798fc992e 100644 --- a/2019/4xxx/CVE-2019-4896.json +++ b/2019/4xxx/CVE-2019-4896.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4896", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4896", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4912.json b/2019/4xxx/CVE-2019-4912.json index 71648e73823..585e7ff6ec9 100644 --- a/2019/4xxx/CVE-2019-4912.json +++ b/2019/4xxx/CVE-2019-4912.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4912", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4912", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5083.json b/2019/5xxx/CVE-2019-5083.json index 0950afd0413..15802fdf805 100644 --- a/2019/5xxx/CVE-2019-5083.json +++ b/2019/5xxx/CVE-2019-5083.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5083", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5083", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5578.json b/2019/5xxx/CVE-2019-5578.json index eb1f14e79f5..597529a3be7 100644 --- a/2019/5xxx/CVE-2019-5578.json +++ b/2019/5xxx/CVE-2019-5578.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5578", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5578", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8449.json b/2019/8xxx/CVE-2019-8449.json index aaf460c3a78..d59949e980f 100644 --- a/2019/8xxx/CVE-2019-8449.json +++ b/2019/8xxx/CVE-2019-8449.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8449", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8449", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8463.json b/2019/8xxx/CVE-2019-8463.json index f1de3480d00..f81afc65983 100644 --- a/2019/8xxx/CVE-2019-8463.json +++ b/2019/8xxx/CVE-2019-8463.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8463", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8463", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8484.json b/2019/8xxx/CVE-2019-8484.json index 200a5232633..de4255bd813 100644 --- a/2019/8xxx/CVE-2019-8484.json +++ b/2019/8xxx/CVE-2019-8484.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8484", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8484", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8861.json b/2019/8xxx/CVE-2019-8861.json index 75aaee1bd28..d685dc15fa0 100644 --- a/2019/8xxx/CVE-2019-8861.json +++ b/2019/8xxx/CVE-2019-8861.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8861", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8861", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9137.json b/2019/9xxx/CVE-2019-9137.json index eac19727ed3..5284bac3d84 100644 --- a/2019/9xxx/CVE-2019-9137.json +++ b/2019/9xxx/CVE-2019-9137.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9137", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9137", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9191.json b/2019/9xxx/CVE-2019-9191.json index 796dc796d29..f030fa57ca0 100644 --- a/2019/9xxx/CVE-2019-9191.json +++ b/2019/9xxx/CVE-2019-9191.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9191", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ETSI Enterprise Transport Security (ETS, formerly known as eTLS) protocol does not provide per-session forward secrecy." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9191", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.eff.org/deeplinks/2019/02/ets-isnt-tls-and-you-shouldnt-use-it", - "refsource" : "MISC", - "url" : "https://www.eff.org/deeplinks/2019/02/ets-isnt-tls-and-you-shouldnt-use-it" - }, - { - "name" : "107208", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107208" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ETSI Enterprise Transport Security (ETS, formerly known as eTLS) protocol does not provide per-session forward secrecy." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.eff.org/deeplinks/2019/02/ets-isnt-tls-and-you-shouldnt-use-it", + "refsource": "MISC", + "url": "https://www.eff.org/deeplinks/2019/02/ets-isnt-tls-and-you-shouldnt-use-it" + }, + { + "name": "107208", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107208" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9740.json b/2019/9xxx/CVE-2019-9740.json index 9cf356e71fb..654f19c0fe7 100644 --- a/2019/9xxx/CVE-2019-9740.json +++ b/2019/9xxx/CVE-2019-9740.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9740", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.2. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n followed by an HTTP header or a Redis command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9740", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.python.org/issue36276", - "refsource" : "MISC", - "url" : "https://bugs.python.org/issue36276" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.2. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n followed by an HTTP header or a Redis command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.python.org/issue36276", + "refsource": "MISC", + "url": "https://bugs.python.org/issue36276" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9820.json b/2019/9xxx/CVE-2019-9820.json index 0840498ea8f..102cc02a0a3 100644 --- a/2019/9xxx/CVE-2019-9820.json +++ b/2019/9xxx/CVE-2019-9820.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9820", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9820", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file