diff --git a/2007/0xxx/CVE-2007-0039.json b/2007/0xxx/CVE-2007-0039.json index e9e2b5308f5..08089b2e702 100644 --- a/2007/0xxx/CVE-2007-0039.json +++ b/2007/0xxx/CVE-2007-0039.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0039", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 allows remote attackers to cause a denial of service (crash) via an Internet Calendar (iCal) file containing multiple X-MICROSOFT-CDO-MODPROPS (MODPROPS) properties in which the second MODPROPS is longer than the first, which triggers a NULL pointer dereference and an unhandled exception." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-0039", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070508 Exchange Calendar MODPROPS Denial of Service (CVE-2007-0039)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/468047/100/0/threaded" - }, - { - "name" : "20070509 Exchange Calendar MODPROPS Denial of Service (CVE-2007-0039)", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063232.html" - }, - { - "name" : "http://www.determina.com/security.research/vulnerabilities/exchange-ical-modprops.html", - "refsource" : "MISC", - "url" : "http://www.determina.com/security.research/vulnerabilities/exchange-ical-modprops.html" - }, - { - "name" : "HPSBST02214", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" - }, - { - "name" : "SSRT071422", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" - }, - { - "name" : "MS07-026", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-026" - }, - { - "name" : "TA07-128A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" - }, - { - "name" : "23808", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23808" - }, - { - "name" : "ADV-2007-1711", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1711" - }, - { - "name" : "34390", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/34390" - }, - { - "name" : "oval:org.mitre.oval:def:1593", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1593" - }, - { - "name" : "1018015", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018015" - }, - { - "name" : "25183", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25183" - }, - { - "name" : "exchange-ical-dos(33888)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33888" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 allows remote attackers to cause a denial of service (crash) via an Internet Calendar (iCal) file containing multiple X-MICROSOFT-CDO-MODPROPS (MODPROPS) properties in which the second MODPROPS is longer than the first, which triggers a NULL pointer dereference and an unhandled exception." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070508 Exchange Calendar MODPROPS Denial of Service (CVE-2007-0039)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/468047/100/0/threaded" + }, + { + "name": "HPSBST02214", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" + }, + { + "name": "1018015", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018015" + }, + { + "name": "MS07-026", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-026" + }, + { + "name": "34390", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/34390" + }, + { + "name": "SSRT071422", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" + }, + { + "name": "oval:org.mitre.oval:def:1593", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1593" + }, + { + "name": "25183", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25183" + }, + { + "name": "TA07-128A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" + }, + { + "name": "exchange-ical-dos(33888)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33888" + }, + { + "name": "ADV-2007-1711", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1711" + }, + { + "name": "http://www.determina.com/security.research/vulnerabilities/exchange-ical-modprops.html", + "refsource": "MISC", + "url": "http://www.determina.com/security.research/vulnerabilities/exchange-ical-modprops.html" + }, + { + "name": "23808", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23808" + }, + { + "name": "20070509 Exchange Calendar MODPROPS Denial of Service (CVE-2007-0039)", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063232.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0322.json b/2007/0xxx/CVE-2007-0322.json index 8748b76ba98..c9a15da199b 100644 --- a/2007/0xxx/CVE-2007-0322.json +++ b/2007/0xxx/CVE-2007-0322.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0322", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2007-0322", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#907481", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/907481" - }, - { - "name" : "25544", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25544" - }, - { - "name" : "26659", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26659" - }, - { - "name" : "quickbooks-activex-bo(36462)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36462" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#907481", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/907481" + }, + { + "name": "quickbooks-activex-bo(36462)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36462" + }, + { + "name": "26659", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26659" + }, + { + "name": "25544", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25544" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0411.json b/2007/0xxx/CVE-2007-0411.json index 8b6182469fc..41646077134 100644 --- a/2007/0xxx/CVE-2007-0411.json +++ b/2007/0xxx/CVE-2007-0411.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0411", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "BEA WebLogic Server 8.1 through 8.1 SP5, 9.0, 9.1, and 9.2 Gold, when WS-Security is used, does not properly validate certificates, which allows remote attackers to conduct a man-in-the-middle (MITM) attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0411", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "BEA07-138.00", - "refsource" : "BEA", - "url" : "http://dev2dev.bea.com/pub/advisory/205" - }, - { - "name" : "22082", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22082" - }, - { - "name" : "ADV-2007-0213", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0213" - }, - { - "name" : "38503", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38503" - }, - { - "name" : "1017525", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017525" - }, - { - "name" : "23750", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23750" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "BEA WebLogic Server 8.1 through 8.1 SP5, 9.0, 9.1, and 9.2 Gold, when WS-Security is used, does not properly validate certificates, which allows remote attackers to conduct a man-in-the-middle (MITM) attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38503", + "refsource": "OSVDB", + "url": "http://osvdb.org/38503" + }, + { + "name": "1017525", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017525" + }, + { + "name": "23750", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23750" + }, + { + "name": "22082", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22082" + }, + { + "name": "ADV-2007-0213", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0213" + }, + { + "name": "BEA07-138.00", + "refsource": "BEA", + "url": "http://dev2dev.bea.com/pub/advisory/205" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0514.json b/2007/0xxx/CVE-2007-0514.json index e1765267705..9ccc321ecee 100644 --- a/2007/0xxx/CVE-2007-0514.json +++ b/2007/0xxx/CVE-2007-0514.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0514", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0514", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html", - "refsource" : "CONFIRM", - "url" : "http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html" - }, - { - "name" : "ADV-2007-0326", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0326" - }, - { - "name" : "32997", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32997" - }, - { - "name" : "32998", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32998" - }, - { - "name" : "23843", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23843" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and Cosminexus products before 20070124 allow remote attackers to inject arbitrary web script or HTML via (1) HTTP Expect headers or (2) image maps." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32998", + "refsource": "OSVDB", + "url": "http://osvdb.org/32998" + }, + { + "name": "23843", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23843" + }, + { + "name": "ADV-2007-0326", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0326" + }, + { + "name": "32997", + "refsource": "OSVDB", + "url": "http://osvdb.org/32997" + }, + { + "name": "http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html", + "refsource": "CONFIRM", + "url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-022_e/01-e.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1295.json b/2007/1xxx/CVE-2007-1295.json index 9dbd5e1b40a..7f87ad3ee29 100644 --- a/2007/1xxx/CVE-2007-1295.json +++ b/2007/1xxx/CVE-2007-1295.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1295", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in topic_title.php in AJ Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the td_id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1295", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3411", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3411" - }, - { - "name" : "22808", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22808" - }, - { - "name" : "ADV-2007-0820", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0820" - }, - { - "name" : "33827", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33827" - }, - { - "name" : "24378", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24378" - }, - { - "name" : "ajforum-topictitle-sql-injection(32785)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32785" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in topic_title.php in AJ Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the td_id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3411", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3411" + }, + { + "name": "24378", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24378" + }, + { + "name": "33827", + "refsource": "OSVDB", + "url": "http://osvdb.org/33827" + }, + { + "name": "22808", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22808" + }, + { + "name": "ADV-2007-0820", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0820" + }, + { + "name": "ajforum-topictitle-sql-injection(32785)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32785" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1342.json b/2007/1xxx/CVE-2007-1342.json index af114be0596..fcf50181604 100644 --- a/2007/1xxx/CVE-2007-1342.json +++ b/2007/1xxx/CVE-2007-1342.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1342", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in admincp/index.php in Jelsoft vBulletin 3.6.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the add rss url form." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1342", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070302 vBulletin v3.6.5 admincp/index.php ( rss feed ) xss vuln.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461727/100/0/threaded" - }, - { - "name" : "22790", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22790" - }, - { - "name" : "2396", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2396" - }, - { - "name" : "vbulletin-admincpindex-xss(32780)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32780" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in admincp/index.php in Jelsoft vBulletin 3.6.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the add rss url form." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070302 vBulletin v3.6.5 admincp/index.php ( rss feed ) xss vuln.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461727/100/0/threaded" + }, + { + "name": "22790", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22790" + }, + { + "name": "2396", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2396" + }, + { + "name": "vbulletin-admincpindex-xss(32780)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32780" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1639.json b/2007/1xxx/CVE-2007-1639.json index 0f1481e4b31..e3d90588be5 100644 --- a/2007/1xxx/CVE-2007-1639.json +++ b/2007/1xxx/CVE-2007-1639.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1639", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in PHProjekt 5.2.0, when magic_quotes_gpc is disabled, allows remote authenticated users to upload and execute arbitrary PHP code via a file with an executable extension, which is then accessed by the (1) calendar or (2) file management module, or possibly unspecified other files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1639", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070314 n.runs-SA-2007.006 - PHProjekt 5.2.0 - Privilege escalation", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462785/100/100/threaded" - }, - { - "name" : "http://www.nruns.de/security_advisory_phprojekt_privilege_escalation.php", - "refsource" : "MISC", - "url" : "http://www.nruns.de/security_advisory_phprojekt_privilege_escalation.php" - }, - { - "name" : "http://www.phprojekt.com/index.php?name=News&file=article&sid=276", - "refsource" : "CONFIRM", - "url" : "http://www.phprojekt.com/index.php?name=News&file=article&sid=276" - }, - { - "name" : "GLSA-200706-07", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200706-07.xml" - }, - { - "name" : "22956", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22956" - }, - { - "name" : "35163", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35163" - }, - { - "name" : "24509", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24509" - }, - { - "name" : "25748", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25748" - }, - { - "name" : "2476", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2476" - }, - { - "name" : "phprojekt-calendarfile-file-upload(32995)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32995" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in PHProjekt 5.2.0, when magic_quotes_gpc is disabled, allows remote authenticated users to upload and execute arbitrary PHP code via a file with an executable extension, which is then accessed by the (1) calendar or (2) file management module, or possibly unspecified other files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.nruns.de/security_advisory_phprojekt_privilege_escalation.php", + "refsource": "MISC", + "url": "http://www.nruns.de/security_advisory_phprojekt_privilege_escalation.php" + }, + { + "name": "20070314 n.runs-SA-2007.006 - PHProjekt 5.2.0 - Privilege escalation", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462785/100/100/threaded" + }, + { + "name": "22956", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22956" + }, + { + "name": "24509", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24509" + }, + { + "name": "http://www.phprojekt.com/index.php?name=News&file=article&sid=276", + "refsource": "CONFIRM", + "url": "http://www.phprojekt.com/index.php?name=News&file=article&sid=276" + }, + { + "name": "phprojekt-calendarfile-file-upload(32995)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32995" + }, + { + "name": "2476", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2476" + }, + { + "name": "GLSA-200706-07", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200706-07.xml" + }, + { + "name": "35163", + "refsource": "OSVDB", + "url": "http://osvdb.org/35163" + }, + { + "name": "25748", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25748" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1648.json b/2007/1xxx/CVE-2007-1648.json index 618cc32571d..5497960c0bd 100644 --- a/2007/1xxx/CVE-2007-1648.json +++ b/2007/1xxx/CVE-2007-1648.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1648", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "0irc 1345 build 20060823 allows remote attackers to cause a denial of service (application crash) by operating an IRC server that sends a long string to a client, which triggers a NULL pointer dereference." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1648", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3547", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3547" - }, - { - "name" : "23101", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23101" - }, - { - "name" : "43557", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43557" - }, - { - "name" : "oircclient-null-pointer-dos(33224)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33224" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "0irc 1345 build 20060823 allows remote attackers to cause a denial of service (application crash) by operating an IRC server that sends a long string to a client, which triggers a NULL pointer dereference." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23101", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23101" + }, + { + "name": "3547", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3547" + }, + { + "name": "43557", + "refsource": "OSVDB", + "url": "http://osvdb.org/43557" + }, + { + "name": "oircclient-null-pointer-dos(33224)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33224" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4204.json b/2007/4xxx/CVE-2007-4204.json index 0e072c51198..dee35541be4 100644 --- a/2007/4xxx/CVE-2007-4204.json +++ b/2007/4xxx/CVE-2007-4204.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4204", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4204", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html", - "refsource" : "CONFIRM", - "url" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html" - }, - { - "name" : "ADV-2007-2723", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2723" - }, - { - "name" : "46987", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/46987" - }, - { - "name" : "hitachi-groupmax-schedule-info-disclosure(35704)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35704" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-2723", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2723" + }, + { + "name": "46987", + "refsource": "OSVDB", + "url": "http://osvdb.org/46987" + }, + { + "name": "hitachi-groupmax-schedule-info-disclosure(35704)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35704" + }, + { + "name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html", + "refsource": "CONFIRM", + "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4824.json b/2007/4xxx/CVE-2007-4824.json index e800c845dd6..244238dfc37 100644 --- a/2007/4xxx/CVE-2007-4824.json +++ b/2007/4xxx/CVE-2007-4824.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4824", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-application scripting (XAS) vulnerabilities in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4824", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/", - "refsource" : "MISC", - "url" : "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/" - }, - { - "name" : "45900", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45900" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-application scripting (XAS) vulnerabilities in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/", + "refsource": "MISC", + "url": "http://xs-sniper.com/blog/2007/08/20/say-cheeeeeese/" + }, + { + "name": "45900", + "refsource": "OSVDB", + "url": "http://osvdb.org/45900" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5039.json b/2007/5xxx/CVE-2007-5039.json index 22bb9bb6db1..43ee1bebf3f 100644 --- a/2007/5xxx/CVE-2007-5039.json +++ b/2007/5xxx/CVE-2007-5039.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5039", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Ghost Security Suite beta 1.110 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteValueKey, (3) NtQueryValueKey, (4) NtSetSystemInformation, and (5) NtSetValueKey kernel SSDT hooks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5039", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070918 Plague in (security) software drivers & BSDOhook utility", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/479830/100/0/threaded" - }, - { - "name" : "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php", - "refsource" : "MISC", - "url" : "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php" - }, - { - "name" : "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php", - "refsource" : "MISC", - "url" : "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php" - }, - { - "name" : "45895", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45895" - }, - { - "name" : "3161", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3161" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Ghost Security Suite beta 1.110 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteValueKey, (3) NtQueryValueKey, (4) NtSetSystemInformation, and (5) NtSetValueKey kernel SSDT hooks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3161", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3161" + }, + { + "name": "45895", + "refsource": "OSVDB", + "url": "http://osvdb.org/45895" + }, + { + "name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php", + "refsource": "MISC", + "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php" + }, + { + "name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php", + "refsource": "MISC", + "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php" + }, + { + "name": "20070918 Plague in (security) software drivers & BSDOhook utility", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3093.json b/2015/3xxx/CVE-2015-3093.json index bc5d4c2bd10..1eb7735d132 100644 --- a/2015/3xxx/CVE-2015-3093.json +++ b/2015/3xxx/CVE-2015-3093.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3093", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3078, CVE-2015-3089, and CVE-2015-3090." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-3093", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37846", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37846/" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html" - }, - { - "name" : "GLSA-201505-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201505-02" - }, - { - "name" : "RHSA-2015:1005", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1005.html" - }, - { - "name" : "SUSE-SU-2015:0878", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html" - }, - { - "name" : "openSUSE-SU-2015:0890", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html" - }, - { - "name" : "openSUSE-SU-2015:0914", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html" - }, - { - "name" : "74605", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74605" - }, - { - "name" : "1032285", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032285" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3078, CVE-2015-3089, and CVE-2015-3090." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032285", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032285" + }, + { + "name": "SUSE-SU-2015:0878", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html" + }, + { + "name": "openSUSE-SU-2015:0890", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html" + }, + { + "name": "GLSA-201505-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201505-02" + }, + { + "name": "openSUSE-SU-2015:0914", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html" + }, + { + "name": "37846", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37846/" + }, + { + "name": "RHSA-2015:1005", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1005.html" + }, + { + "name": "74605", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74605" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3109.json b/2015/3xxx/CVE-2015-3109.json index a7d584e155a..f8e8af4d726 100644 --- a/2015/3xxx/CVE-2015-3109.json +++ b/2015/3xxx/CVE-2015-3109.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3109", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Photoshop CC before 16.0 (aka 2015.0.0) allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-3109", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/photoshop/apsb15-12.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/photoshop/apsb15-12.html" - }, - { - "name" : "75242", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75242" - }, - { - "name" : "1032659", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032659" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Photoshop CC before 16.0 (aka 2015.0.0) allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032659", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032659" + }, + { + "name": "https://helpx.adobe.com/security/products/photoshop/apsb15-12.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/photoshop/apsb15-12.html" + }, + { + "name": "75242", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75242" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3362.json b/2015/3xxx/CVE-2015-3362.json index e5d2e23e5a1..69671024428 100644 --- a/2015/3xxx/CVE-2015-3362.json +++ b/2015/3xxx/CVE-2015-3362.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3362", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Video module before 7.x-2.11 for Drupal, when using the video WYSIWYG plugin, allows remote authenticated users to inject arbitrary web script or HTML via a node title." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3362", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/01/29/6" - }, - { - "name" : "https://www.drupal.org/node/2407341", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2407341" - }, - { - "name" : "https://www.drupal.org/node/2407047", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2407047" - }, - { - "name" : "72117", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72117" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Video module before 7.x-2.11 for Drupal, when using the video WYSIWYG plugin, allows remote authenticated users to inject arbitrary web script or HTML via a node title." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2407047", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2407047" + }, + { + "name": "https://www.drupal.org/node/2407341", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2407341" + }, + { + "name": "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/01/29/6" + }, + { + "name": "72117", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72117" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3418.json b/2015/3xxx/CVE-2015-3418.json index 2d7cbdee704..8b550198794 100644 --- a/2015/3xxx/CVE-2015-3418.json +++ b/2015/3xxx/CVE-2015-3418.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3418", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@suse.com", + "ID": "CVE-2015-3418", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[xorg-announce] 20150210 xorg-server 1.16.4", - "refsource" : "MLIST", - "url" : "https://lists.x.org/archives/xorg-announce/2015-February/002532.html" - }, - { - "name" : "https://cgit.freedesktop.org/xorg/xserver/commit/?id=dc777c346d5d452a53b13b917c45f6a1bad2f20b", - "refsource" : "CONFIRM", - "url" : "https://cgit.freedesktop.org/xorg/xserver/commit/?id=dc777c346d5d452a53b13b917c45f6a1bad2f20b" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" - }, - { - "name" : "GLSA-201701-64", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-64" - }, - { - "name" : "74328", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74328" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ProcPutImage function in dix/dispatch.c in X.Org Server (aka xserver and xorg-server) before 1.16.4 allows attackers to cause a denial of service (divide-by-zero and crash) via a zero-height PutImage request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74328", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74328" + }, + { + "name": "https://cgit.freedesktop.org/xorg/xserver/commit/?id=dc777c346d5d452a53b13b917c45f6a1bad2f20b", + "refsource": "CONFIRM", + "url": "https://cgit.freedesktop.org/xorg/xserver/commit/?id=dc777c346d5d452a53b13b917c45f6a1bad2f20b" + }, + { + "name": "GLSA-201701-64", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-64" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" + }, + { + "name": "[xorg-announce] 20150210 xorg-server 1.16.4", + "refsource": "MLIST", + "url": "https://lists.x.org/archives/xorg-announce/2015-February/002532.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3465.json b/2015/3xxx/CVE-2015-3465.json index c9948af6f86..0528014475a 100644 --- a/2015/3xxx/CVE-2015-3465.json +++ b/2015/3xxx/CVE-2015-3465.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3465", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3465", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6574.json b/2015/6xxx/CVE-2015-6574.json index 6329af61dc5..e0af34295db 100644 --- a/2015/6xxx/CVE-2015-6574.json +++ b/2015/6xxx/CVE-2015-6574.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6574", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SNAP Lite component in certain SISCO MMS-EASE and AX-S4 ICCP products allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6574", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-6574/", - "refsource" : "MISC", - "url" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-6574/" - }, - { - "name" : "https://www.sisconet.com/wp-content/uploads/2016/04/SecNote_CVE-2015-6574-Portcullis-20160426.pdf", - "refsource" : "CONFIRM", - "url" : "https://www.sisconet.com/wp-content/uploads/2016/04/SecNote_CVE-2015-6574-Portcullis-20160426.pdf" - }, - { - "name" : "95022", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95022" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SNAP Lite component in certain SISCO MMS-EASE and AX-S4 ICCP products allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95022", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95022" + }, + { + "name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-6574/", + "refsource": "MISC", + "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-6574/" + }, + { + "name": "https://www.sisconet.com/wp-content/uploads/2016/04/SecNote_CVE-2015-6574-Portcullis-20160426.pdf", + "refsource": "CONFIRM", + "url": "https://www.sisconet.com/wp-content/uploads/2016/04/SecNote_CVE-2015-6574-Portcullis-20160426.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6856.json b/2015/6xxx/CVE-2015-6856.json index f42e5cd1761..d6f8a734a34 100644 --- a/2015/6xxx/CVE-2015-6856.json +++ b/2015/6xxx/CVE-2015-6856.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6856", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x0022201c IOCTL call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6856", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151218 KL-001-2015-008 : Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary Address", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537161/100/0/threaded" - }, - { - "name" : "20151218 KL-001-2015-008 : Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary Address", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Dec/81" - }, - { - "name" : "http://packetstormsecurity.com/files/134987/Dell-Authentication-Driver-Uncontrolled-Write.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134987/Dell-Authentication-Driver-Uncontrolled-Write.html" - }, - { - "name" : "https://www.korelogic.com/Resources/Advisories/KL-001-2015-008.txt", - "refsource" : "MISC", - "url" : "https://www.korelogic.com/Resources/Advisories/KL-001-2015-008.txt" - }, - { - "name" : "79643", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79643" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x0022201c IOCTL call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.korelogic.com/Resources/Advisories/KL-001-2015-008.txt", + "refsource": "MISC", + "url": "https://www.korelogic.com/Resources/Advisories/KL-001-2015-008.txt" + }, + { + "name": "http://packetstormsecurity.com/files/134987/Dell-Authentication-Driver-Uncontrolled-Write.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134987/Dell-Authentication-Driver-Uncontrolled-Write.html" + }, + { + "name": "20151218 KL-001-2015-008 : Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary Address", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537161/100/0/threaded" + }, + { + "name": "79643", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79643" + }, + { + "name": "20151218 KL-001-2015-008 : Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary Address", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Dec/81" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6906.json b/2015/6xxx/CVE-2015-6906.json index 9aebc7d2fcd..6203c78e6d9 100644 --- a/2015/6xxx/CVE-2015-6906.json +++ b/2015/6xxx/CVE-2015-6906.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6906", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6906", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6994.json b/2015/6xxx/CVE-2015-6994.json index 18b21aff891..6e5d063e1f0 100644 --- a/2015/6xxx/CVE-2015-6994.json +++ b/2015/6xxx/CVE-2015-6994.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6994", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which allows attackers to cause a denial of service via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-6994", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205370", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205370" - }, - { - "name" : "https://support.apple.com/HT205375", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205375" - }, - { - "name" : "APPLE-SA-2015-10-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" - }, - { - "name" : "APPLE-SA-2015-10-21-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" - }, - { - "name" : "77263", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77263" - }, - { - "name" : "1033929", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033929" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which allows attackers to cause a denial of service via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-10-21-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" + }, + { + "name": "APPLE-SA-2015-10-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" + }, + { + "name": "https://support.apple.com/HT205375", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205375" + }, + { + "name": "https://support.apple.com/HT205370", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205370" + }, + { + "name": "77263", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77263" + }, + { + "name": "1033929", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033929" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7205.json b/2015/7xxx/CVE-2015-7205.json index f1121e51ccc..eeb23293cbc 100644 --- a/2015/7xxx/CVE-2015-7205.json +++ b/2015/7xxx/CVE-2015-7205.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7205", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-7205", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-145.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-145.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1220493", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1220493" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "DSA-3422", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3422" - }, - { - "name" : "DSA-3432", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3432" - }, - { - "name" : "FEDORA-2015-51b1105902", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html" - }, - { - "name" : "FEDORA-2015-7ab3d3afcf", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "RHSA-2015:2657", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2657.html" - }, - { - "name" : "openSUSE-SU-2016:0307", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html" - }, - { - "name" : "openSUSE-SU-2016:0308", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html" - }, - { - "name" : "openSUSE-SU-2015:2353", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html" - }, - { - "name" : "openSUSE-SU-2015:2380", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00038.html" - }, - { - "name" : "openSUSE-SU-2015:2406", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00049.html" - }, - { - "name" : "SUSE-SU-2015:2334", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00021.html" - }, - { - "name" : "SUSE-SU-2015:2335", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00022.html" - }, - { - "name" : "SUSE-SU-2015:2336", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00023.html" - }, - { - "name" : "USN-2859-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2859-1" - }, - { - "name" : "USN-2833-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2833-1" - }, - { - "name" : "79279", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79279" - }, - { - "name" : "1034426", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034426" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2015:2334", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00021.html" + }, + { + "name": "openSUSE-SU-2015:2380", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00038.html" + }, + { + "name": "DSA-3432", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3432" + }, + { + "name": "79279", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79279" + }, + { + "name": "SUSE-SU-2015:2335", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00022.html" + }, + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "openSUSE-SU-2015:2353", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "openSUSE-SU-2015:2406", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00049.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "openSUSE-SU-2016:0308", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-145.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-145.html" + }, + { + "name": "FEDORA-2015-7ab3d3afcf", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html" + }, + { + "name": "USN-2859-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2859-1" + }, + { + "name": "USN-2833-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2833-1" + }, + { + "name": "RHSA-2015:2657", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2657.html" + }, + { + "name": "SUSE-SU-2015:2336", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00023.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1220493", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1220493" + }, + { + "name": "openSUSE-SU-2016:0307", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html" + }, + { + "name": "FEDORA-2015-51b1105902", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html" + }, + { + "name": "1034426", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034426" + }, + { + "name": "DSA-3422", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3422" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7239.json b/2015/7xxx/CVE-2015-7239.json index 03162488cbb..bcdb64bc110 100644 --- a/2015/7xxx/CVE-2015-7239.json +++ b/2015/7xxx/CVE-2015-7239.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7239", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the BP_FIND_JOBS_WITH_PROGRAM function module in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7239", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151214 [ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537109/100/0/threaded" - }, - { - "name" : "20151216 [ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Dec/66" - }, - { - "name" : "https://erpscan.io/advisories/erpscan-15-021-sap-netweaver-7-4-bp_find_jobs_with_program-sql-injection/", - "refsource" : "MISC", - "url" : "https://erpscan.io/advisories/erpscan-15-021-sap-netweaver-7-4-bp_find_jobs_with_program-sql-injection/" - }, - { - "name" : "http://packetstormsecurity.com/files/134801/SAP-NetWeaver-J2EE-Engine-7.40-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134801/SAP-NetWeaver-J2EE-Engine-7.40-SQL-Injection.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the BP_FIND_JOBS_WITH_PROGRAM function module in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://erpscan.io/advisories/erpscan-15-021-sap-netweaver-7-4-bp_find_jobs_with_program-sql-injection/", + "refsource": "MISC", + "url": "https://erpscan.io/advisories/erpscan-15-021-sap-netweaver-7-4-bp_find_jobs_with_program-sql-injection/" + }, + { + "name": "20151214 [ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537109/100/0/threaded" + }, + { + "name": "20151216 [ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Dec/66" + }, + { + "name": "http://packetstormsecurity.com/files/134801/SAP-NetWeaver-J2EE-Engine-7.40-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134801/SAP-NetWeaver-J2EE-Engine-7.40-SQL-Injection.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7888.json b/2015/7xxx/CVE-2015-7888.json index d01e0f4c89a..6c30034db78 100644 --- a/2015/7xxx/CVE-2015-7888.json +++ b/2015/7xxx/CVE-2015-7888.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7888", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the WifiHs20UtilityService on the Samsung S6 Edge LRX22G.G925VVRU1AOE2 allows remote attackers to overwrite or create arbitrary files as the system-level user via a .. (dot dot) in the name of a file, compressed into a zipped file named cred.zip, and downloaded to /sdcard/Download." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7888", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/134104/Samsung-WifiHs20UtilityService-Path-Traversal.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134104/Samsung-WifiHs20UtilityService-Path-Traversal.html" - }, - { - "name" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=489&q=samsung&redir=1", - "refsource" : "MISC", - "url" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=489&q=samsung&redir=1" - }, - { - "name" : "77338", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77338" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the WifiHs20UtilityService on the Samsung S6 Edge LRX22G.G925VVRU1AOE2 allows remote attackers to overwrite or create arbitrary files as the system-level user via a .. (dot dot) in the name of a file, compressed into a zipped file named cred.zip, and downloaded to /sdcard/Download." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "77338", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77338" + }, + { + "name": "http://packetstormsecurity.com/files/134104/Samsung-WifiHs20UtilityService-Path-Traversal.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134104/Samsung-WifiHs20UtilityService-Path-Traversal.html" + }, + { + "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=489&q=samsung&redir=1", + "refsource": "MISC", + "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=489&q=samsung&redir=1" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8557.json b/2015/8xxx/CVE-2015-8557.json index 40050a9bb87..600c4885932 100644 --- a/2015/8xxx/CVE-2015-8557.json +++ b/2015/8xxx/CVE-2015-8557.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8557", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8557", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151001 Shell Injection in Pygments FontManager._get_nix_font_path", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Oct/4" - }, - { - "name" : "[oss-security] 20151214 CVE request: Shell Injection in Pygments FontManager._get_nix_font_path", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/12/14/6" - }, - { - "name" : "[oss-security] 20151214 Re: CVE request: Shell Injection in Pygments FontManager._get_nix_font_path", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/12/14/17" - }, - { - "name" : "http://packetstormsecurity.com/files/133823/Pygments-FontManager._get_nix_font_path-Shell-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133823/Pygments-FontManager._get_nix_font_path-Shell-Injection.html" - }, - { - "name" : "https://bitbucket.org/birkenfeld/pygments-main/pull-requests/501/fix-shell-injection-in/diff", - "refsource" : "MISC", - "url" : "https://bitbucket.org/birkenfeld/pygments-main/pull-requests/501/fix-shell-injection-in/diff" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" - }, - { - "name" : "DSA-3445", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3445" - }, - { - "name" : "GLSA-201612-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-05" - }, - { - "name" : "USN-2862-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2862-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-2862-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2862-1" + }, + { + "name": "http://packetstormsecurity.com/files/133823/Pygments-FontManager._get_nix_font_path-Shell-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133823/Pygments-FontManager._get_nix_font_path-Shell-Injection.html" + }, + { + "name": "[oss-security] 20151214 CVE request: Shell Injection in Pygments FontManager._get_nix_font_path", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/12/14/6" + }, + { + "name": "[oss-security] 20151214 Re: CVE request: Shell Injection in Pygments FontManager._get_nix_font_path", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/12/14/17" + }, + { + "name": "20151001 Shell Injection in Pygments FontManager._get_nix_font_path", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Oct/4" + }, + { + "name": "DSA-3445", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3445" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" + }, + { + "name": "GLSA-201612-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-05" + }, + { + "name": "https://bitbucket.org/birkenfeld/pygments-main/pull-requests/501/fix-shell-injection-in/diff", + "refsource": "MISC", + "url": "https://bitbucket.org/birkenfeld/pygments-main/pull-requests/501/fix-shell-injection-in/diff" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8686.json b/2015/8xxx/CVE-2015-8686.json index 121f1dbbfa4..9d36fb56f55 100644 --- a/2015/8xxx/CVE-2015-8686.json +++ b/2015/8xxx/CVE-2015-8686.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8686", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8686", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0185.json b/2016/0xxx/CVE-2016-0185.json index 574c0b6b083..3779fc6087b 100644 --- a/2016/0xxx/CVE-2016-0185.json +++ b/2016/0xxx/CVE-2016-0185.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0185", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media Center link (aka .mcl) file, aka \"Windows Media Center Remote Code Execution Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0185", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39805", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39805/" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-277", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-277" - }, - { - "name" : "MS16-059", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-059" - }, - { - "name" : "90023", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90023" - }, - { - "name" : "1035832", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035832" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media Center link (aka .mcl) file, aka \"Windows Media Center Remote Code Execution Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-059", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-059" + }, + { + "name": "90023", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90023" + }, + { + "name": "39805", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39805/" + }, + { + "name": "1035832", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035832" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-277", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-277" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0247.json b/2016/0xxx/CVE-2016-0247.json index 9e060c4d7a6..129e1153878 100644 --- a/2016/0xxx/CVE-2016-0247.json +++ b/2016/0xxx/CVE-2016-0247.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0247", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Guardium 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows local users to obtain sensitive cleartext information via unspecified vectors, as demonstrated by password information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0247", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21990368", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21990368" - }, - { - "name" : "93341", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93341" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Guardium 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows local users to obtain sensitive cleartext information via unspecified vectors, as demonstrated by password information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93341", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93341" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21990368", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990368" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0362.json b/2016/0xxx/CVE-2016-0362.json index 680d8a1bac0..8483c973826 100644 --- a/2016/0xxx/CVE-2016-0362.json +++ b/2016/0xxx/CVE-2016-0362.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0362", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet or Internet hosts, via a crafted proxy request to a web service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0362", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21980749", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21980749" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet or Internet hosts, via a crafted proxy request to a web service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21980749", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980749" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0921.json b/2016/0xxx/CVE-2016-0921.json index d3c7a919568..4741a75baa9 100644 --- a/2016/0xxx/CVE-2016-0921.json +++ b/2016/0xxx/CVE-2016-0921.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security_alert@emc.com", - "ID" : "CVE-2016-0921", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use weak permissions for unspecified directories, which allows local users to obtain root access by replacing a script with a Trojan horse program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2016-0921", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160919 ESA-2016-065: EMC Avamar Data Store and Avamar Virtual Edition Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://seclists.org/bugtraq/2016/Sep/31" - }, - { - "name" : "93032", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93032" - }, - { - "name" : "1036844", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036844" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 use weak permissions for unspecified directories, which allows local users to obtain root access by replacing a script with a Trojan horse program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93032", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93032" + }, + { + "name": "20160919 ESA-2016-065: EMC Avamar Data Store and Avamar Virtual Edition Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://seclists.org/bugtraq/2016/Sep/31" + }, + { + "name": "1036844", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036844" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1574.json b/2016/1xxx/CVE-2016-1574.json index 682568d1d3b..1b1b7c6d7eb 100644 --- a/2016/1xxx/CVE-2016-1574.json +++ b/2016/1xxx/CVE-2016-1574.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1574", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-1574", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1806.json b/2016/1xxx/CVE-2016-1806.json index 5a2a7bad49d..360b0fbc180 100644 --- a/2016/1xxx/CVE-2016-1806.json +++ b/2016/1xxx/CVE-2016-1806.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1806", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Crash Reporter in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1806", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-346", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-346" - }, - { - "name" : "https://support.apple.com/HT206567", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206567" - }, - { - "name" : "APPLE-SA-2016-05-16-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" - }, - { - "name" : "90696", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90696" - }, - { - "name" : "1035895", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035895" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Crash Reporter in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-346", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-346" + }, + { + "name": "https://support.apple.com/HT206567", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206567" + }, + { + "name": "APPLE-SA-2016-05-16-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" + }, + { + "name": "90696", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90696" + }, + { + "name": "1035895", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035895" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1839.json b/2016/1xxx/CVE-2016-1839.json index 5de8ed7ce7a..e00f690967b 100644 --- a/2016/1xxx/CVE-2016-1839.json +++ b/2016/1xxx/CVE-2016-1839.json @@ -1,177 +1,177 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1839", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1839", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206564", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206564" - }, - { - "name" : "https://support.apple.com/HT206566", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206566" - }, - { - "name" : "https://support.apple.com/HT206567", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206567" - }, - { - "name" : "https://support.apple.com/HT206568", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206568" - }, - { - "name" : "http://xmlsoft.org/news.html", - "refsource" : "CONFIRM", - "url" : "http://xmlsoft.org/news.html" - }, - { - "name" : "https://bugzilla.gnome.org/show_bug.cgi?id=758605", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.gnome.org/show_bug.cgi?id=758605" - }, - { - "name" : "https://git.gnome.org/browse/libxml2/commit/?id=a820dbeac29d330bae4be05d9ecd939ad6b4aa33", - "refsource" : "CONFIRM", - "url" : "https://git.gnome.org/browse/libxml2/commit/?id=a820dbeac29d330bae4be05d9ecd939ad6b4aa33" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" - }, - { - "name" : "https://www.tenable.com/security/tns-2016-18", - "refsource" : "CONFIRM", - "url" : "https://www.tenable.com/security/tns-2016-18" - }, - { - "name" : "APPLE-SA-2016-05-16-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" - }, - { - "name" : "APPLE-SA-2016-05-16-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-05-16-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" - }, - { - "name" : "APPLE-SA-2016-05-16-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" - }, - { - "name" : "DSA-3593", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2016/dsa-3593" - }, - { - "name" : "GLSA-201701-37", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-37" - }, - { - "name" : "RHSA-2016:1292", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1292" - }, - { - "name" : "RHSA-2016:2957", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2957.html" - }, - { - "name" : "USN-2994-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2994-1" - }, - { - "name" : "90691", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90691" - }, - { - "name" : "1035890", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035890" - }, - { - "name" : "1038623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038623" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" + }, + { + "name": "RHSA-2016:1292", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1292" + }, + { + "name": "https://bugzilla.gnome.org/show_bug.cgi?id=758605", + "refsource": "CONFIRM", + "url": "https://bugzilla.gnome.org/show_bug.cgi?id=758605" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "https://support.apple.com/HT206567", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206567" + }, + { + "name": "90691", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90691" + }, + { + "name": "DSA-3593", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2016/dsa-3593" + }, + { + "name": "http://xmlsoft.org/news.html", + "refsource": "CONFIRM", + "url": "http://xmlsoft.org/news.html" + }, + { + "name": "APPLE-SA-2016-05-16-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" + }, + { + "name": "USN-2994-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2994-1" + }, + { + "name": "https://support.apple.com/HT206566", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206566" + }, + { + "name": "https://git.gnome.org/browse/libxml2/commit/?id=a820dbeac29d330bae4be05d9ecd939ad6b4aa33", + "refsource": "CONFIRM", + "url": "https://git.gnome.org/browse/libxml2/commit/?id=a820dbeac29d330bae4be05d9ecd939ad6b4aa33" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" + }, + { + "name": "https://www.tenable.com/security/tns-2016-18", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2016-18" + }, + { + "name": "APPLE-SA-2016-05-16-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" + }, + { + "name": "https://support.apple.com/HT206564", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206564" + }, + { + "name": "RHSA-2016:2957", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" + }, + { + "name": "GLSA-201701-37", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-37" + }, + { + "name": "1035890", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035890" + }, + { + "name": "APPLE-SA-2016-05-16-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" + }, + { + "name": "1038623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038623" + }, + { + "name": "https://support.apple.com/HT206568", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206568" + }, + { + "name": "APPLE-SA-2016-05-16-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1994.json b/2016/1xxx/CVE-2016-1994.json index db28fcdada9..35428bd4680 100644 --- a/2016/1xxx/CVE-2016-1994.json +++ b/2016/1xxx/CVE-2016-1994.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1994", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1994", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763" - }, - { - "name" : "1035325", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035325" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive information via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035325", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035325" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5254.json b/2016/5xxx/CVE-2016-5254.json index 1cc4bccede8..cb1a38a679e 100644 --- a/2016/5xxx/CVE-2016-5254.json +++ b/2016/5xxx/CVE-2016-5254.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5254", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt key during selection of top-level menu items." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-5254", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-70.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-70.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1266963", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1266963" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "DSA-3640", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3640" - }, - { - "name" : "GLSA-201701-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-15" - }, - { - "name" : "RHSA-2016:1551", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1551.html" - }, - { - "name" : "openSUSE-SU-2016:1964", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html" - }, - { - "name" : "openSUSE-SU-2016:2026", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html" - }, - { - "name" : "USN-3044-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3044-1" - }, - { - "name" : "92261", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92261" - }, - { - "name" : "1036508", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036508" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt key during selection of top-level menu items." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3640", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3640" + }, + { + "name": "1036508", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036508" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1266963", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1266963" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-70.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-70.html" + }, + { + "name": "USN-3044-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3044-1" + }, + { + "name": "RHSA-2016:1551", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1551.html" + }, + { + "name": "GLSA-201701-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-15" + }, + { + "name": "openSUSE-SU-2016:1964", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html" + }, + { + "name": "92261", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92261" + }, + { + "name": "openSUSE-SU-2016:2026", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5455.json b/2016/5xxx/CVE-2016-5455.json index 6fc84f962ab..ceb80846484 100644 --- a/2016/5xxx/CVE-2016-5455.json +++ b/2016/5xxx/CVE-2016-5455.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5455", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Communications Messaging Server component in Oracle Communications Applications 6.3, 7.0, and 8.0 allows remote attackers to affect confidentiality via vectors related to Multiplexor." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5455", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "91863", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91863" - }, - { - "name" : "1036401", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036401" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Communications Messaging Server component in Oracle Communications Applications 6.3, 7.0, and 8.0 allows remote attackers to affect confidentiality via vectors related to Multiplexor." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "1036401", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036401" + }, + { + "name": "91863", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91863" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5511.json b/2016/5xxx/CVE-2016-5511.json index eacba86a49a..7fffdedf2c2 100644 --- a/2016/5xxx/CVE-2016-5511.json +++ b/2016/5xxx/CVE-2016-5511.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5511", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 12.2.1.0.0, 12.2.1.1.0, and 12.2.1.2.0 allows remote attackers to affect integrity via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5511", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93683", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93683" - }, - { - "name" : "1037051", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037051" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 12.2.1.0.0, 12.2.1.1.0, and 12.2.1.2.0 allows remote attackers to affect integrity via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93683", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93683" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "1037051", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037051" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5666.json b/2016/5xxx/CVE-2016-5666.json index 9808a522b41..b54c472e5a3 100644 --- a/2016/5xxx/CVE-2016-5666.json +++ b/2016/5xxx/CVE-2016-5666.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-5666", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which allows remote attackers to obtain access by setting the value of objresp.authenabled to 1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-5666", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#974424", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/974424" - }, - { - "name" : "92211", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92211" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which allows remote attackers to obtain access by setting the value of objresp.authenabled to 1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "92211", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92211" + }, + { + "name": "VU#974424", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/974424" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5978.json b/2016/5xxx/CVE-2016-5978.json index db0986b968a..61e778e98e8 100644 --- a/2016/5xxx/CVE-2016-5978.json +++ b/2016/5xxx/CVE-2016-5978.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5978", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Web UI in the web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string, a different vulnerability than CVE-2016-5975." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-5978", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21990216", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21990216" - }, - { - "name" : "93140", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93140" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Web UI in the web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string, a different vulnerability than CVE-2016-5975." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93140", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93140" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21990216", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990216" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0061.json b/2019/0xxx/CVE-2019-0061.json index 5a0c1df4b28..612877c236f 100644 --- a/2019/0xxx/CVE-2019-0061.json +++ b/2019/0xxx/CVE-2019-0061.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0061", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0061", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0419.json b/2019/0xxx/CVE-2019-0419.json index b5629d5cd19..85e01fbec84 100644 --- a/2019/0xxx/CVE-2019-0419.json +++ b/2019/0xxx/CVE-2019-0419.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0419", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0419", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0548.json b/2019/0xxx/CVE-2019-0548.json index eac0b95c346..443344a2039 100644 --- a/2019/0xxx/CVE-2019-0548.json +++ b/2019/0xxx/CVE-2019-0548.json @@ -1,75 +1,75 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "Secure@Microsoft.com", - "ID" : "CVE-2019-0548", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "ASP.NET Core", - "version" : { - "version_data" : [ - { - "version_value" : "2.1" - }, - { - "version_value" : "2.2" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka \"ASP.NET Core Denial of Service Vulnerability.\" This affects ASP.NET Core 2.2, ASP.NET Core 2.1. This CVE ID is unique from CVE-2019-0564." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0548", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ASP.NET Core", + "version": { + "version_data": [ + { + "version_value": "2.1" + }, + { + "version_value": "2.2" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0548", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0548" - }, - { - "name" : "RHSA-2019:0040", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2019:0040" - }, - { - "name" : "106410", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106410" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka \"ASP.NET Core Denial of Service Vulnerability.\" This affects ASP.NET Core 2.2, ASP.NET Core 2.1. This CVE ID is unique from CVE-2019-0564." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106410", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106410" + }, + { + "name": "RHSA-2019:0040", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2019:0040" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0548", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0548" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0994.json b/2019/0xxx/CVE-2019-0994.json index 64b341339d1..d42fa8d27c4 100644 --- a/2019/0xxx/CVE-2019-0994.json +++ b/2019/0xxx/CVE-2019-0994.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0994", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0994", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1237.json b/2019/1xxx/CVE-2019-1237.json index bbd0703a047..e3d81f4fb9d 100644 --- a/2019/1xxx/CVE-2019-1237.json +++ b/2019/1xxx/CVE-2019-1237.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1237", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1237", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1799.json b/2019/1xxx/CVE-2019-1799.json index e4effe03cb8..7322e0d12ca 100644 --- a/2019/1xxx/CVE-2019-1799.json +++ b/2019/1xxx/CVE-2019-1799.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1799", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1799", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1815.json b/2019/1xxx/CVE-2019-1815.json index 26f9cb951c3..c51c0e0841d 100644 --- a/2019/1xxx/CVE-2019-1815.json +++ b/2019/1xxx/CVE-2019-1815.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1815", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1815", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1987.json b/2019/1xxx/CVE-2019-1987.json index c8051109130..32321500409 100644 --- a/2019/1xxx/CVE-2019-1987.json +++ b/2019/1xxx/CVE-2019-1987.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2019-02-04T00:00:00", - "ID" : "CVE-2019-1987", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" - } - ] - } - } - ] - }, - "vendor_name" : "Android" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-118143775." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote code execution" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2019-02-04T00:00:00", + "ID": "CVE-2019-1987", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + }, + "vendor_name": "Android" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2019-02-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2019-02-01" - }, - { - "name" : "106842", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106842" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-118143775." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106842", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106842" + }, + { + "name": "https://source.android.com/security/bulletin/2019-02-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2019-02-01" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3494.json b/2019/3xxx/CVE-2019-3494.json index 77ffaae4094..eda5559e620 100644 --- a/2019/3xxx/CVE-2019-3494.json +++ b/2019/3xxx/CVE-2019-3494.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3494", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Simply-Blog through 2019-01-01 has SQL Injection via the admin/deleteCategories.php delete parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3494", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/Paroxyste/Simply-Blog/issues/1", - "refsource" : "MISC", - "url" : "https://github.com/Paroxyste/Simply-Blog/issues/1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Simply-Blog through 2019-01-01 has SQL Injection via the admin/deleteCategories.php delete parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/Paroxyste/Simply-Blog/issues/1", + "refsource": "MISC", + "url": "https://github.com/Paroxyste/Simply-Blog/issues/1" + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4172.json b/2019/4xxx/CVE-2019-4172.json index d7c2b97c566..a5c99f90a57 100644 --- a/2019/4xxx/CVE-2019-4172.json +++ b/2019/4xxx/CVE-2019-4172.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4172", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4172", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4197.json b/2019/4xxx/CVE-2019-4197.json index 076ce2caa2a..d0cdb73bb12 100644 --- a/2019/4xxx/CVE-2019-4197.json +++ b/2019/4xxx/CVE-2019-4197.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4197", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4197", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4275.json b/2019/4xxx/CVE-2019-4275.json index 3060e3a2596..2da48706c40 100644 --- a/2019/4xxx/CVE-2019-4275.json +++ b/2019/4xxx/CVE-2019-4275.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4275", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4275", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4506.json b/2019/4xxx/CVE-2019-4506.json index b97b2f962c0..c60a2920f62 100644 --- a/2019/4xxx/CVE-2019-4506.json +++ b/2019/4xxx/CVE-2019-4506.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4506", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4506", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8194.json b/2019/8xxx/CVE-2019-8194.json index d582002a0d7..61ad65b1843 100644 --- a/2019/8xxx/CVE-2019-8194.json +++ b/2019/8xxx/CVE-2019-8194.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8194", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8194", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8206.json b/2019/8xxx/CVE-2019-8206.json index 98d6f56ee5c..08632a5bdb8 100644 --- a/2019/8xxx/CVE-2019-8206.json +++ b/2019/8xxx/CVE-2019-8206.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8206", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8206", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8212.json b/2019/8xxx/CVE-2019-8212.json index 73b15251ef8..d8bcfaa9c28 100644 --- a/2019/8xxx/CVE-2019-8212.json +++ b/2019/8xxx/CVE-2019-8212.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8212", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8212", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8328.json b/2019/8xxx/CVE-2019-8328.json index 0ba2a8a0c52..42ceaccd646 100644 --- a/2019/8xxx/CVE-2019-8328.json +++ b/2019/8xxx/CVE-2019-8328.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8328", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8328", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8425.json b/2019/8xxx/CVE-2019-8425.json index 83aabf92f65..0d5d4b85365 100644 --- a/2019/8xxx/CVE-2019-8425.json +++ b/2019/8xxx/CVE-2019-8425.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8425", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8425", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#sql-query-error-reflected-xss", - "refsource" : "MISC", - "url" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#sql-query-error-reflected-xss" - }, - { - "name" : "https://www.seebug.org/vuldb/ssvid-97764", - "refsource" : "MISC", - "url" : "https://www.seebug.org/vuldb/ssvid-97764" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#sql-query-error-reflected-xss", + "refsource": "MISC", + "url": "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#sql-query-error-reflected-xss" + }, + { + "name": "https://www.seebug.org/vuldb/ssvid-97764", + "refsource": "MISC", + "url": "https://www.seebug.org/vuldb/ssvid-97764" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9002.json b/2019/9xxx/CVE-2019-9002.json index 8aa4dd9d3fc..26f70fb679e 100644 --- a/2019/9xxx/CVE-2019-9002.json +++ b/2019/9xxx/CVE-2019-9002.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9002", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Tiny Issue 1.3.1 and pixeline Bugs through 1.3.2c. install/config-setup.php allows remote attackers to execute arbitrary PHP code via the database_host parameter if the installer remains present in its original directory after installation is completed." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9002", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/mikelbring/tinyissue/issues/237", - "refsource" : "MISC", - "url" : "https://github.com/mikelbring/tinyissue/issues/237" - }, - { - "name" : "https://github.com/pixeline/bugs/commit/9d2d3fcdea22e94f7b497f6ed83791ab3a31ee41", - "refsource" : "MISC", - "url" : "https://github.com/pixeline/bugs/commit/9d2d3fcdea22e94f7b497f6ed83791ab3a31ee41" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Tiny Issue 1.3.1 and pixeline Bugs through 1.3.2c. install/config-setup.php allows remote attackers to execute arbitrary PHP code via the database_host parameter if the installer remains present in its original directory after installation is completed." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/mikelbring/tinyissue/issues/237", + "refsource": "MISC", + "url": "https://github.com/mikelbring/tinyissue/issues/237" + }, + { + "name": "https://github.com/pixeline/bugs/commit/9d2d3fcdea22e94f7b497f6ed83791ab3a31ee41", + "refsource": "MISC", + "url": "https://github.com/pixeline/bugs/commit/9d2d3fcdea22e94f7b497f6ed83791ab3a31ee41" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9369.json b/2019/9xxx/CVE-2019-9369.json index e2512710c39..2f0fb9b4a4f 100644 --- a/2019/9xxx/CVE-2019-9369.json +++ b/2019/9xxx/CVE-2019-9369.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9369", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9369", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9765.json b/2019/9xxx/CVE-2019-9765.json index 0ec4bbe6f7b..08ffbd35a5b 100644 --- a/2019/9xxx/CVE-2019-9765.json +++ b/2019/9xxx/CVE-2019-9765.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9765", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Blog_mini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails() function, related to app/templates/_article_comments.html." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9765", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/xpleaf/Blog_mini/issues/43", - "refsource" : "MISC", - "url" : "https://github.com/xpleaf/Blog_mini/issues/43" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Blog_mini 1.0, XSS exists via the author name of a comment reply in the app/main/views.py articleDetails() function, related to app/templates/_article_comments.html." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/xpleaf/Blog_mini/issues/43", + "refsource": "MISC", + "url": "https://github.com/xpleaf/Blog_mini/issues/43" + } + ] + } +} \ No newline at end of file